facebook linkedin twitter

Federal Program Offers New Cybersecurity Tool for Elections

August 6, 2020by Christina A. Cassidy, Associated Press
Voters walk to a polling station to cast votes for GOP and Democratic primary candidates Tuesday, Aug. 4, 2020, in Chandler, Ariz. (AP Photo/Ross D. Franklin)

ATLANTA (AP) — State and local officials are receiving additional tools from the federal government to help defend the nation’s election systems from cyberthreats ahead of the November vote, as intelligence officials continue to warn about foreign efforts to interfere in the U.S. election.

Under a $2.2 million pilot program that began in March, the Department of Homeland Security’s cybersecurity agency in partnership with the Center for Internet Security has been deploying software to election offices. It is then placed on devices, including laptops and servers used for voter registration and reporting vote totals, to detect malicious activity. The program was highlighted during a congressional hearing Tuesday.

“This is the next step, the evolution of helping state and local entities,” said Matt Masterson, a top cybersecurity official within the Department of Homeland Security. “This really advances their ability to protect their networks.”

Thirty state election offices have already integrated the so-called endpoint detection and response tools, which are routinely used in the private sector but less common at the local level. Through the federal program, officials expect to have this deployed in at least nine additional states by November. Fewer than 100 local government agencies have signed up so far.

Endpoint detection is a key component of network defense designed to detect intrusions early. The software identifies known threats as well as suspicious behavior that could indicate an attack.

“The threat actors are creating over a million new strings of malware a day,” said Michael Atkinson with FireEye, a leading cybersecurity firm that provides such software. “If you don’t have the capacity to search in your endpoint infrastructure for the bad guys and have human cybersecurity experts work on that for you, in the end, compromise will likely be inevitable.”

Under the program, CIS analysts would receive alerts of suspicious activity, allowing them to monitor and track suspicious activity across jurisdictions with the goal of early detection and mitigation. Officials said the effort was just the latest in steps taken to shore up cybersecurity since the 2016 presidential election.

“While there are no guarantees in cybersecurity, I can assure you that the security defenses we have in place for November 2020 are vastly improved over those in place a short four years ago,” John M. Gilligan, president and CEO of the Center for Internet Security, told the House Homeland Security Committee.

States were left scrambling after it was revealed Russian agents had targeted election systems leading up to the 2016 presidential election. While no evidence surfaced that any votes were altered or voter data manipulated, the actions by a foreign adversary to scrutinize the nation’s myriad election systems for vulnerabilities prompted changes including enhanced security protocols, more rigorous and regular security reviews and improved information-sharing across federal, state and local governments.

But cybersecurity experts say the threat has hardly been dulled.

Just a few weeks ago, Bill Evanina, director of the National Counterintelligence and Security Center, released a statement noting foreign adversaries are seeking to compromise election infrastructure along with campaigns, candidates and other political targets. He said the government continues to “monitor malicious cyber actors trying to gain access to U.S. state and federal networks, including those responsible for managing elections.”

The pilot program is different from a group of 269 monitoring devices, known as Albert sensors, that were deployed earlier by the Cybersecurity Infrastructure Security Agency and the Center for Internet Security that monitors traffic touching election networks. Experts have said those devices have limited value in detecting nation-state hackers.

During the congressional hearing, experts noted that local election officials are being stretched to the limit due to the pandemic, dealing with a surge in absentee ballots and a diminishing force of poll workers, with many unwilling to staff crowded polling places out of fear of getting sick.

David Levine with the Alliance for Securing Democracy told committee members that many local election offices lack the resources to boost cybersecurity defenses.

“The coronavirus has exacerbated the problem by forcing a number of states to divert election security funding to cover other unanticipated costs stemming from the pandemic,” Levine said.

An effort by Democrats to send $3.6 billion to states to help cover pandemic-related costs for elections has stalled, and Republicans’ latest proposal for coronavirus relief did not include funds for elections.

___

Associated Press writer Frank Bajak in Boston contributed to this report.

Cybersecurity

October 26, 2021
by Tom Ramstack
Bigger Government Role Expected to Protect Industry From Hackers

WASHINGTON — Large-scale cyberattacks continued this week in the United States and abroad as computer security experts told a congressional... Read More

WASHINGTON — Large-scale cyberattacks continued this week in the United States and abroad as computer security experts told a congressional panel Tuesday that more government intervention is needed. On Monday, Microsoft announced that Russia-backed hackers were trying to steal information technology to disrupt the global supply... Read More

October 22, 2021
by Reece Nations
Commerce Department Tightens Export Controls on Cybersecurity Items

WASHINGTON — The Department of Commerce’s Bureau of Industry and Security announced on Wednesday it would institute new export controls... Read More

WASHINGTON — The Department of Commerce’s Bureau of Industry and Security announced on Wednesday it would institute new export controls over cybersecurity items such as cyber intrusion software that can be used maliciously. The department’s new policy also creates a new license exception for authorized cybersecurity... Read More

October 14, 2021
by Victoria Turner
Cybersecurity Experts Point to More Investment Needed in Detection, Response

WASHINGTON -- If everyone were to employ proper cyber hygiene like multi-factor authentication or not clicking on links in phishing... Read More

WASHINGTON -- If everyone were to employ proper cyber hygiene like multi-factor authentication or not clicking on links in phishing emails, more than 85% of cyberattacks would be prevented, said Sen. Angus King, I-Maine, Thursday.  “The best hack is the one that doesn’t happen,” King said... Read More

October 5, 2021
by Victoria Turner
Cybersecurity Minimum Standards Needed to Keep North America Secure

North American governments should come together to create a trilateral strategy to assess and address threats in a holistic risk-based... Read More

North American governments should come together to create a trilateral strategy to assess and address threats in a holistic risk-based approach to cybersecurity that includes a minimum set of standards, said three experts yesterday. As much as the pandemic has accelerated the rate in which governments... Read More

September 29, 2021
by Victoria Turner
Aspen Cyber Summit Explores Collective Defense in a Digital World

WASHINGTON -- The Cybersecurity Infrastructure and Security Agency has met President Biden’s cybersecurity executive order’s “highly aggressive deadlines so far,”... Read More

WASHINGTON -- The Cybersecurity Infrastructure and Security Agency has met President Biden’s cybersecurity executive order’s “highly aggressive deadlines so far,” but there is “still a lot of work to do,” said CISA Director Jen Easterly Wednesday.  Kicking off the 6th annual Aspen Cyber Summit, Exploring Collective... Read More

September 22, 2021
by Victoria Turner
Identity Authentication Key Piece of Cybersecurity Puzzle

WASHINGTON -- Identity authentication is taking a front-and-center role in the administration's approach to ensuring robust cybersecurity across the U.S.... Read More

WASHINGTON -- Identity authentication is taking a front-and-center role in the administration's approach to ensuring robust cybersecurity across the U.S. government, according to Carole House, director of cybersecurity and secure digital Innovation at the White House National Security Council.  It “sits at the heart of zero... Read More

News From The Well
scroll top