The nature of an election makes it vulnerable to a range of security threats against participants, infrastructure, information, and data. Beyond conducting espionage against political parties, corrupting data, Cyber threat actors can create chaos in the electoral process by pushing fabricated content across social media platforms.

An electoral process is constituted from a complex series of interdependent sub-processes— boundary delimitation, civic education, voter education, voter registration, party registration, candidate nomination, the campaign period, polling operations, tallying, and counting, dispute resolution and the official announcement of results. These sub-processes occur in some form during each election cycle.

One methodology to map an election’s risk profile is by the identification of mission critical assets (people, infrastructure, information, and materials), without which, the election cannot proceed.

CYBERSECURITY ATTACKS THAT AFFECT ELECTORAL STRUCTURE AND PROCESSES

1) Ransomware Attacks: The global threat and challenge from ransomware have grown dramatically this year amid the pandemic, as tens of millions of workers rapidly switched to working remotely. A ransomware attack that freezes up local voter databases could be conducted as either a coercive for-profit attack—forcing election bodies to pay steep ransoms on tight timelines to ensure the smooth functioning of the election—or fully destructive, paralyzing systems with no hope of unlocking them.

2) Voter Data Manipulation: One clear way to throw sand in the gears of the election would be to access and change voter registration databases in advance—for instance changing names, street addresses, or zip codes in ways that would cause confusion at polling places. Problems with voter registration data would almost certainly lead to eligible voters being hindered from performing voting exercises. One strength of the USA system in respect to this, is how decentralized these voter rolls are; hackers might be able to hit a single jurisdiction or even a handful, but it’s not like there’s a single national voter database that could muck up voting for everyone. Ahead of the Presidential elections in 2016 in Florida, USA, foreign hackers penetrated 2 Florida counties voting systems and raised new questions about the vulnerability of the nation’s electoral systems

3) Distributed Denial-of-Service Attacks:  Knocking a website offline or slowing access to it for even a few hours could stymie a campaign, delay voting at polling units and slow reporting of results.  DoS can be used to disrupt vote casting, vote tallying, or election audits by preventing access to e-pollbooks, electronic voting systems, or electronic auditing systems.

4) Misinformation:  Standard “phishing” techniques—like spoofed web domains and misleading URLs—could be used to actively mislead voters searching online for information about voting deadlines, polling places, results, or any of the myriad questions that arise amid the logistics of casting a ballot. Twitter, Facebook, and other social media website have also been uniquely aggressive in taking down misleading information.

SPECIFIC TECHNICAL MEASURES TO PROTECT ELECTORAL PROCESSES.

1) Anti-DDoS Protection

Denial-of-service attacks constitute an important segment of all attacks against election technology.  Different network interfaces for voters, system administrators, and data administrators (the administrator interfaces using VPN, with a filtering of the IP addresses if needed) ensure that operators can access systems even if a DDoS attack is ongoing against the public-facing interface.

2) Access Control

The strong identification of users who have data entry access or change privileges is essential to election security. It is also the basis for tracking questionable actions to their source, if needed, provided that proper logging procedures are in place. Strong authentication uses several of the following: something the user knows (passwords), something the user has (tokens, mobile apps, smart cards) or something the user is (biometrics). Authentication of the core team of election officials (those who use the systems regularly and for several election cycles) can be easily handled using good, general IT practices. In addition to authentication, authorization isimportant and has several election-specific details. Access should be granted based on election duties, on the principle of least privilege and while also considering the areas that access is required.

3) Data Integrity

Organizations that are tasked with any part of election technology are also responsible for protecting the data in transit. All data transfers are potential points of compromise. checksums and digital signatures are useful tools to ensure data integrity. Dual-control and independent verification (using separate channels and procedures) for important steps of the election process offers increased security. Where humans are involved, duplicating data entry (by two different people) helps to pinpoint possible errors.

4) Network Segmentation

Processes that are not required to be accessible to the public (in particular, the vote gathering and the vote counting) can take place in an isolated environment. System isolation can be achieved through either logical separation (VLAN) or physical separation (air gap). When opting for physical separation, the data carrier (often an encrypted USB device) and the workstation used to record data to the data carrier should be considered inside the security perimeter.

Elections play a vital role in a free and fair society and are a cornerstone of democracy. We recognize the fundamental link between the trust in election infrastructure and the confidence the public places in basic democratic function.

At Techspecialist Consulting Limited, We pride ourselves in ensuring high level security, resilient and proactive cyber
security methodologies to guard your most valuable assets and services.