How the U.S. can defend its elections from cyberattacks
Amid the cybersecurity whirlwind that has been May and June—when the world got its first taste of what widespread ransomware attacks are capable of(WannaCry) and the continued wave of attacks that is still unfolding globally(Petya/NonPetya)—the public’s attention has yet again been pulled away from the news most relevant to the United States and our future: A Department of Homeland Security (DHS) official in Trump’s administration confirmed that Russiatargeted election-related systems in 21 states ahead of the 2016 presidential election.
In the wake of all the recent ransomware news and last year’s Russian cyberattacks, a new 2017 survey by Carbon Black found that 27 percent of eligible U.S. voters “will consider not voting” in the future elections because of their concerns regarding cybersecurity. This means that in the next presidential election, 58.8 million people might not vote. With the 2018 mid-term election drawing near, this could have dire consequences on the future of voting in our country.
As a result of the 2016 cyber attacks, the U.S. learned what security experts have shouted for years: We are vulnerable! While we have significant potential for cyber defense and offense, we are plagued by internal breaches like those that released CIA attack tools and external compromises such as the Shadow Broker attack on the NSA. Noting this imbalance, Russia launched a targeted disruption campaign against the U.S., not specifically to change votes or directly alter the election, but to sow mistrust and concerns among American citizens.
What can be done to prevent election hacking in 2018 and beyond? Can we restore faith in the American voting system, or is the damage already done?
The government must heed Comey’s words: 'They will be back'
The 2016 election cyber attacks had a silver lining: voters are starting to open their eyes to the problem. It is now the task of lawmakers to regain the trust of the public by creating public-private partnerships that seek to extend and broaden the scope of effective cybersecurity; spend funds on critical infrastructure protection to harden against cyber attacks; assist in educating the general population to beware of social engineering and email phishing attacks; and share known exploits and issues so that organizations can patch systems ahead of the attack.
In our last election, 25 percent of Americans voted using electronic voting machines. Many of these machines used outdated software on aged machines with inadequate cybersecurity. Thus, the potential for meddling with these machines is there, and our dependence on electronic voting machines may create an unnecessary vulnerability in our election process.
Therefore, in order to restore the public’s confidence in our voting process it is crucial that we invest in hiring and infrastructure to support hand-voting in the majority of areas until electronic voting can be made secure. Marking a paper ballot that can later be used to verify a vote will make our future elections as secure as possible and help the country trust our election process again.
Citizens can also take cybersecurity into their own hands
While the government needs to make adjustments in order to preserve the integrity of our voting system, citizens too can take a proactive approach to ensure that they aren’t victims of the next cyber attack.
If nothing else, the 2016 election attacks demonstrated that we are all vulnerable to the simplest email phishing ploys. To better protect the integrity of our voting system, citizens need to leverage advances in cybersecurity technology and develop processes to make it difficult for Russia (or any adversary) to succeed in future attacks.
A few general rules for individuals to follow in order to avoid email hacking:
Don’t click links or open attachments in email unless the email is first verified
Use authentication and encryption to protect data if a compromise occurs
Deploy numerous verification techniques like two-factor authentication to set up layers of security around precious information
Americans’ insatiable desire for rapid communication has often resulted in shortcutting the security necessary to authenticate and verify information. Our abuse of email as the primary method of business communication has made us vulnerable to email phishing or social engineering attacks that exploit a person’s trust. Businesses also need to do more in policing these simple cybersecurity rules for all employees.
Building a secure voting future
Designating elections systems as critical infrastructureis a step in the right direction and by committing to investing in infrastructure, we can start to regain the trust of voters, while lawmakers can ensure that our elections will not be hacked in the future. Since citizens are a part of an information sharing system most likely to be attacked, security must also move as close to the people it serves as possible.
Cybersecurity solutions must then focus on the endpoint – the device in a human’s hand – in order to prevent mistakes and spies from exploiting the weakest link in our security systems, the users of these devices.
Putin and his fellow cyber spies will seek to continue voting disruption campaigns, so we must be especially vigilant in our upcoming 2018 midterm elections. The government must invest time, money and attention in a robust cyber counterintelligence community that hunts attacks and provides warnings to industries before, not after, the breach occurs, while our citizens must be diligent to protect themselves from email phishing schemes.
Together, we can protect our voting system, and most importantly, our democracy.
Eric O’Neill is a national security strategist at Carbon Black’s where he specializes in counterterrorism and national security matters. A former FBI operative, he is nosw a practicing attorney who specializes in cybersecurity vulnerability assessments, counterintelligence and counterterrorism operations, investigations into economic espionage, internal investigations, and security risk assessment consulting.
(责任编辑:行业动态)
- Which iPad Model Is Right for You?
- S. Korea mulls postponing UN peacekeeping conference amid pandemic
- Injured Djokovic skips practice
- North Korea also struggling with heatwave
- Update your BIOS: Utilities from Top Motherboard Makers
- 多措并举优治理 绘就幸福新图景
- Why your Instagram is full of wooden Montessori
- Huge LinkedIn loophole put user security at risk
- North Korea also struggling with heatwave
- Europe now has a huge AI gap, for better or for worse
- Losers cheque worth the journey, says Zidansek
- The Notes app: Where our weirdest, purest selves reside
- QAnon conspiracy blew up because of a bigger internet problem
-
World's first green ammonia plant is now open for business
Three Danish energy tech firms have flung open the doors to the first ever green ammonia plant in th ...[详细] -
Google Maps will tell your friends your location, phone battery level
Google Maps has been rolling out features left and right over the past few weeks, but recently eagle ...[详细] -
USFK says soldier was erroneously declared to have contracted COVID
A gate of US Forces Korea's Yongsan base in central Seoul. (Yonhap)An American soldier recently repo ...[详细] -
Gundogan's Man City must stay 'humble' with winning streak
LONDON:Ilkay Gundogan has urged Manchester City to stay "humble" despite their eye-catchin ...[详细] -
21 Unexpected Wonders in Colorado’s Vibrant Cities and Small Towns
Between Colorado’s storied ranges, folded into its valleys and sprinkled across its plains, you’ll f ...[详细] -
[Photo News] Students in line for COVID
Students line up to get tested for COVID-19 on Thursday morning after a new case was reported at a m ...[详细] -
South's young football players arrive in Pyongyang to play with NK
A South Korean youth football delegation enters the immigration office in Paju, north of Seoul, Frid ...[详细] -
Medvedev beats buttock pain to extend win streak
MELBOURNE:Fourth seed Daniil Medvedev doused a dangerous threat from Filip Krajinovic Saturday to ex ...[详细] -
NYT Strands hints, answers for August 29
If you're reading this, you're looking for a little help playing Strands, the New York Times' elevat ...[详细] -
Google Maps will tell your friends your location, phone battery level
Google Maps has been rolling out features left and right over the past few weeks, but recently eagle ...[详细]
- 11 Places to See Tiny Trains
- New molten salt battery for grid
- South's young football players arrive in Pyongyang to play with NK
- Prosecutors' backlash intensifies against justice minister's suspension of prosecution chief
- CPUs Don't Matter For 4K Gaming... Wrong!
- [Photo News] Students in line for COVID
- The @me Twitter account gets 'hundreds' of notifications per day