As the 2024 US election approaches, cybersecurity leaders intensify their efforts to safeguard the democratic process, drawing insights from global partners to address evolving threats.
Jen Easterly, the director of the US Cybersecurity and Infrastructure Security Agency (CISA) spoke at Black Hat USA about her confidence in the integrity of the nation’s election officials. However, international partners acknowledged the threats that democratic elections face.
“Election officials ran secure elections in 2018, 2020 and in 2022. There is no evidence that malicious actors changed, altered or deleted votes or had any material and impact on the outcome of elections,” said Easterly.
“I have the privilege to spend a lot of time with election officials at the state and local level of both parties across the nation. I know how tirelessly they work to ensure that every one of their citizens votes are counted as cast,” she said.
Despite the positive outlook from Easterly, she warned that the threat environment has never been so complex.
“Cyber threats, physical threats, and yes, foreign adversaries, are attempting to influence our elections,” she noted.
Russia continues to be the predominant threat, according to Easterly.
Learning Lessons from Real Threats
The UK recently ran its own election, which took place on July 4, 2024. Threats to the democratic process were real as in March 2024 the UK government called out China state-affiliated threat actors for conducting malicious campaigns against UK institutions and political figures in 2021. The hack of the UK’s Electoral Commission was also linked to Chinese cyber actors.
Felicity Oswald, CEO of the UK’s National Cyber Security Centre (NCSC), commented: “We were laser focused on that as a risk, not just from Chinese, but from other state actors and malicious actors as well. We absolutely saw attempts to engage or disrupt our election, but our election has come out and said it was a very clearly, a smooth process.”
Speaking from a European perspective, Hans de Vries, COO of the European Union Agency for Cybersecurity (ENISA) explained that preparation was key for the elections for the European Parliament which took place in early June 2024.
Vires noted that there were some distributed denial of service (DDoS) attacks observed during and ahead of the voting process but these did not have a significant outcome.
Easterly was keen to point out that at the state and county level, election officials are well prepared to carry out November’s election
“The most important thing we do is to amplify the voices of state and local election officials because they are truly the authoritative subject matter experts when it comes to elections,” she noted.
Mick Baccio, a global security advisor at Splunk SURGe worked with Secretary Pete Buttigieg’s primary campaign in 2020 as the first CISO of any US primary campaign.
He commented: “People want to do a good job. People want to be secure, but it takes resources to do that takes time to do that, takes effort to do that.”
In terms of threats, Baccio said that alongside nation-state interference from the likes of Iran, China and Russia, there is also the underlying threat of hacktivism.
Clark County Nevada Prepares for Upcoming Elections
In the US, counties are responsible for administering the election for their jurisdictions and during Black Hat USA Clark County CIO Bob Leek described the preparation that has gone into the upcoming US presidential and local elections.
Leek commented that the threats are no different than everyday threats, like unknown devices connecting to a network or loss of visibility, for instance.
“We have been on a long journey toward upgrading and adding resilience into the election data structure,” Leek said.
To conduct this work, the county partnered with CISA, Homeland Security, the FBI and the other federal agencies.
“We’ve made investments in election solutions, and then we test that resilience, so we’ve done vulnerability scanning. We’ve done penetration testing. We’ve built an air-gapped network that manages the transition from our polling sites,” Leek explained.
“When it comes to the application of the technology, we want to ensure the highest levels of Integrity at every step of the process, so that every individual’s vote is recorded and counted accurately. Investments that we’ve made over the past few years are across that entire set of infrastructure needs,” he said.
The county has also invited those organizations including CISA and the FBI to audit their electoral technology and provide feedback.
Leek said they are constantly testing, and the latest test was the during the primary election for the presidential nominees that was held in June.
“We got a lot of lessons learned from that, so we apply those lessons learned to prepare ourselves to the for the presidential cycle that comes up in November,” he commented.
“We are taking a very risk intolerant approach around election infrastructure. I would never say that it can’t happen. I would say it’s highly, highly unlikely,” he said.