Why cybersecurity experts think we should trust midterm election results

Computer systems around the world are vulnerable to cyberattacks. This includes voting machines, email networks, social media, and critical infrastructure that cities rely on to provide basic services. Yet none of these cyber-threats is as dangerous to the electoral process as the cumulative fear and uncertainty that hacking could change the outcome of elections.

For the CBS News series Campaign 2018: Election Hacking we spoke with more than two dozen experts, including current and former hackers, election security experts, former law enforcement agents, state election officials, former White House cyber-defense experts, and executives at the world’s largest tech firms.

Are they worried? Yes. They’re paid to worry.

But they’re also confident that come Tuesday, Election Day, their vote will be counted.

There is one threat that each expert worries about more than any specific vulnerability: The fear that hacking will undermine citizens’ faith and confidence in election results. Whichever party wins control of Congress, imagine the consequences if half the country believes it was rigged?

On Monday, Department of Homeland Christopher Under Secretary Scott Krebs told “CBS This Morning,” “We haven’t seen certainly any compromises or any sort of access to election equipment across the united states at this point But our planning factor is looking back at 2016 see what the Russians conducted in terms of spearfishing campaigns And working to make sure those kinds of events don’t happen again.”

Every electronic voting machine is, essentially, a computer. All computers can be hacked, and the risks are abundant. The spectrum of hackers capable of attacking voting machines and voting systems is diverse, ranging from nation-states to hacktivist groups. More worrying, these voting computers can be connected to voter registration databases, exposing critical data to manipulation.

But Cris Thomas, a security researcher for IBM Security, is confident that his vote and the majority of Americans’ votes will be counted accurately. Most states and electoral districts still use distinct voting processes and a diverse array of systems. That very diversity, says Thomas, strengthens the outcome of the overall vote. “The resiliency of the electoral process will help ensure that citizens will have their votes counted and the right backups are in place to ensure it,” Thomas says.

Theresa Payton, former White House chief information officer, agrees that voting systems are vulnerable but not defenseless. “I have a high level of confidence that my vote will be accurately counted,” says Payton. “The Board of Elections in each State have worked hard to assess their local processes, train their voting poll officials … to better understand the threats targeting the voting process.

Political campaigns are ripe for hacking because they have an abundance of sensitive data, and are often underfunded with little budget for proper cyber-defense.

“What [Russian hackers] did in 2016 wasn’t really all that sophisticated,” says former hacker turned cybersecurity expert Kevin Mitnick. In 2016 a number of Clinton campaign staffers, including chairman John Podesta, fell for phishing emails sent by Russian hackers. Campaigns are still vulnerable to similar attacks, but technology firms like Google and Microsoft are actively collaborating with campaigns to increase security on email accounts and cloud data.

To read the rest of this interesting article please visit the source.

Source: WINK

Topics: Speaking Engagements, voting machines, election tampering, Cris Thomas, data theft, email networks, global cyberattacks, hacking, infrastructure, John Podesta, Russian hackers, Theresa Payton, phishing, Kevin Mitnick

Latest Posts

Kevin offers three excellent presentations, two are based on his best-selling books. His presentations are akin to technology magic shows that educate and inform while keeping people on the edge of their seats. He offers expert commentary on issues related to information security and increases “security awareness.”

Bypassing Key Card Access: Shoring Up Your Physical Security

As you build additional layers of defense into your cybersecurity framework, it's important to implement physical security strategies as well.

Read more ›

How to Prioritize Your Pentesting Report’s Remediation Recommendations

If you recently received a penetration test, you’re on the right track to improving your cybersecurity posture. However, you may be wondering what the..

Read more ›

Understanding Post-Inoculation Cybersecurity Attack Vectors

If you’ve recently improved your cybersecurity posture, you should know that the work to protect your company’s data is not over.

Read more ›