With less than 100 days to protect voter registration databases and other critical infrastructure from cyberattacks, it’s disconcerting as a citizen to watch the scramble on what to do.  It seems like after several wake-up calls there five things we should be asking our elected officials at the local level to do:

  1. Make use of both HAVA and CARES act funding to tighten up network infrastructure protection.  Many have used the funds to purchase new laptops, new polling pads, and new voting machines.  Few have considered how to protect the network, where voters register, from nefarious cyberattacks.  Some cities and counties have implemented Albert sensors. This is a start but nowhere near enough threat intelligence to drastically reduce phishing, ransomware, and malware attacks. Admittedly, a bit self-serving, consider using some of those funds to make use of automated real-time threat intelligence from companies like Proofpoint, Webroot, DomainTools using Bandura Cyber’s Threat Intelligence Firewall platform.
     
  2. Monitor network activity more closely. Remember hackers don’t break in. They log in! This means cities and counties need to be monitoring network activity more closely. Having a first/last line of defense at the edge of your city/county network is a critical layer of protection. The days of depending solely on your firewall or IPS/IDS are long gone.
  3. Remember that even with paper voting securing your electronic voter registration database is critical. If the terms firewall, IPS/IDS are meaningless because your concern is now focused on how to manage paper voting remember those paper ballots will still require validation and verification of what’s in your voter registration database. You are already facing a labor-intensive process with mail-in vote counting. Don’t allow a cyberattack on your voter registration system to become the straw that breaks the camel’s back. There are several known pieces of software that ransomware actors like in particular. For example, if you are running Windows 7 it’s no longer supported by Microsoft increasing vulnerability. If you are relying on third-party vendors for system updates this means networks are accessed remotely to install the updates. If your network is not amply protected you have introduced another vulnerability.
  4. Ransomware remains a key risk. Election administrators should be acutely aware that a ransomware attack could lock officials out of their voter registration databases. If this happens get ready for the follow-on extortion tactics by the hackers. If they have possession of your voter list the opportunity to be extorted for an exorbitant amount in the next 100 days isn’t going to be trivial. It’s far less expensive, embarrassing, and impactful to have spent a nominal amount on a solution such as Bandura Cyber’s Threat Intelligence Firewall Platform vs. the ransom you will pay. At the very least, it’s worth an hour of time to investigate.
  5. Remember that the head in the sand days are over. Many city and county officials in the last couple of years have been willing to take the risk. Odds are in their favor, they say, they won’t be compromised. Kaspersky experts say they usually observe from 900,000 to almost 1.2 million users targeted by ransomware every six month. City Halls and municipal centers accounted in 2019 for about 29% of all attacks with educational organizations (ie; school districts) accounting for approximately 61%. 

For more information on Bandura Cyber in State & Local Government and Education check out these pieces:

https://securelist.com/story-of-the-year-2019-cities-under-ransomware-siege/95456/