Oct 22 2018
Security

Imagine Nation ELC 2018: Election Systems Are Safer, But Not Safe Enough

Disinformation and lack of trust still threaten the security of the midterm elections, officials say.

Election officials across the nation are better at sharing information on potential attacks than they were in 2016, but as the midterm elections near, the system still faces risks from disinformation and tampering, experts said at the Imagine Nation ELC 2018 conference in Philadelphia.

“The steps we’ve taken are leaps and bounds ahead of where we were, just in security the databases, securing the networks,” said Robert Giles, director of the New Jersey Division of Elections. “If something’s going on in Arizona, I don’t read about it the next day in the paper, I get an instant alert. It allows us to be much better protected.”

JOIN THE CONVERSATION: Follow @FedTechMagazine on Twitter for continued Imagine Nation ELC 2018 coverage!

That protection, which also includes whitelisting, two-factor authorization and other technology-based solutions, is against traditional forms of network intrusion, however. Election officials still fear the results of disinformation from sources who want to affect an election — social media posts with deliberately false information about voting times and locations, for example.

Facebook, Twitter and other social media firms have become more assertive in taking down accounts that spread such false information and accounts that are just bots seeking to agitate voters, and election officials on the state and national levels said they are working closely with the companies.

“Two years ago, we wouldn’t have known who to call, and now we have conference calls with Facebook and Twitter,” Giles said. “We have points of contact in the Department of Homeland Security and the FBI. We meet and talk before an incident occurs, and we’re in much better shape.”

Voting Challenges Inside the Booth Persist

Voters themselves, however, create an ongoing challenge that is proving tougher to crack. “They don’t view themselves as the targets of disinformation,” said Greg Touhill, a retired Air Force brigadier general and the nation’s first CISO under President Barack Obama. “They find it hard to believe that they’re targets.”

“And with the way that society is pulling away from traditional media now, it’s harder to fight this” with public service announcements or TV commercials, said Justin Forbes, who leads the Applied Network Defense team at Carnegie Mellon University’s CERT Coordination Center. “Sporting events are the only time I still see commercials.”

Continuing help is still needed for the 10,000 jurisdictions that conduct elections, not all of which have the resources — financial, technical or human — to fully protect their systems.

Thirty-nine states have online voter registration, and that data is public, making it readily available to attackers.

The U.S. Election Assistance Commission has $380 million available for states to fortify their election systems, and some of that money should also go to protect voter registration rolls, said Tom Hicks, EAC chairman.

“Peaceful transition of government makes our country special,” said Touhill. “If we don’t have secure elections, that compromises our ability as Americans to have the type of country that we want.” 

Read more articles and check out videos from FedTech’s coverage of Imagine Nation ELC 2018 here.

natasaadzic
Close

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.