Election Security – Where Trust is Behind Every Ballot
Okay, we are only a month away from the 2019 elections and local officials can’t help but wonder how secure their election system is. And let’s face it, there’s far more at stake than simply deciding upon a winning candidate – trust in government is behind every ballot.
As reported in Government Computer News (GCN) we know that cybercriminals tampered with the 2016 election the results of which have led to discussions about how to secure voting in districts across the country, especially as they increasingly transition to digital processes. Recognizing that voting procedures are set by each state there is no blanket regulation that would improve upon voter security throughout the nation. Last year the Federal Elections Assistance Commission handed out $380 million dollars targeted for states to use as they see fit and more recently Congress voted for more funding for the 2019 elections. Most will agree that this initial funding didn’t come close to addressing the real needs of local governments.
There are over 8,000 jurisdictions across the country responsible for the administration of elections. Cyberattacks have dramatically escalated in the past 2.5 years and have become more sophisticated and harder to detect and not limited to elections either. Since elections are entwined with trust – this is what is getting everyone’s attention these days.
There is some good news to report - and that is the availability and publication of the Handbook for Elections Infrastructure Security published by the Department of Homeland Security (DHS) funded Center for Internet Security (CIS). This is a great resource that every public official should download and read (it’s free) and the list of contributors and reviewers is both reassuring as it is impressive.
According to its publisher (CIS) the primary goal of this handbook is to impact and improve the security of elections infrastructure as soon as possible, and ideally in advance of the 2018 elections, and establish a set of best practices that, with continual updates, supports elections infrastructure security into the future. The folks at CIS expect many elections systems will already incorporate the majority of these mitigations, allowing those jurisdictions to demonstrate a strong baseline. In that case, the handbook can assist in prioritizing for continual improvement and evolution.
While there is always the temptation to look for easy to cut and paste templates and solutions, the handbook does not recommend any single approach to managing election systems or developing and deploying any particular election systems technology. Instead it recommends that election jurisdictions tailor their voting processes and systems to the needs of their voters and jurisdictional laws and requirements.
Developing a risk assessment is the best place to start. Just a few years ago most strategies were aimed at eliminating any cyberattack through hardware and software solution defenses. Today no technology professional can guarantee 100% safety and immunity from cyberattacks and intrusions. We have come to accept the new reality that we can only mitigate risk and develop remediation strategies if and when something happens. As the CIS Handbook points out, it all starts with a top-level assessment of vulnerabilities and potential consequences to the elections systems infrastructure and by identifying network connectivity— devices or systems that work with other devices or systems to achieve their objectives—as the major potential vulnerability. The reason is simple: given an adversary with sufficient time and resources, systems that can be accessed via a network cannot be fully protected against compromise. There are ways to improve the security of network connected systems with additional controls, but the inherent complexity of network connectivity results in significant residual vulnerabilities. As shown below, election systems are linked one way or another to other systems and it is where the transfer of information can also lead to points of extra risk.
Of course, many counties are dealing with outdated or unproven technologies and to make matters worse, they lack the technical expertise and or lack the resources to bring in outside experts. Such obstacles while not to be ignored, should not be offered as a blanket excuse for not acting with the resources you do have access to. Aside from the obvious network integrity and communications issues, the handbook offers some useful insights into the following:
- Eligibility for an individual to register to vote;
- Voter identity verification, unless specifically about the accuracy and availability of voter registration rolls;
- Security of campaigns or campaign information systems; and
- The accuracy of information about candidates or issues, including those conveyed using social media.
Like many systems, for election systems this involves establishing trust in users, devices, software, and processes. Many systems are “composed,” or built up from a variety of commercial and purpose-built parts, devices, and software connected via processes and user actions. The results in security decisions about trust are made across many components and brought together at a system level. In other cases, key election system components or services functions are contracted out. This does not change the security responsibility for decision-makers but forces them to think about how the desired security properties can be specified in contract language and service specifications, rather than implemented directly. The last of the three sections focus on:
- A set of critical risk-mitigating activities from which all organizations can benefit,
- Recommendations for best practices in contracting for IT services, and
- A set of best practices in the form of recommendations and controlsfor network connected and indirectly connected devices, as well as for transmission of information.
The Handbook should be required reading for all election officials and can serve as the basis for in-house training or at the very least meaningful discussion among the various stakeholders. Better yet the CIS created the Elections Infrastructure-ISAC and membership is free. Once signed up you will receive and timely information what is happening in localities across the nation.
Let’s vote for being better informed and active and everyone will benefit in the midterm elections.
Center for Internet Security and Handbook download: https://www.cisecurity.org/elections-resources
Senior Communications Manager