Because the country has a presidential election occurring in November, much scrutiny has fallen on the nation’s voting systems. There are significant indications that voting systems throughout the country are vulnerable to hackers.
Just last month in both Arizona and Illinois, hackers were able to penetrate voting systems. Once the Illinois Board of Elections network was breached, almost 200,000 voter records were jeopardized. The data included personal information of registered voters. While representatives of the Board say that no information was added, changed or removed, hackers were able to break through the firewalls and access very sensitive data.
Just a few months ago, state officials in Arizona were notified by the FBI that cyberattacks had occurred on their election systems. The state immediately took the voter registration system offline, but in reviewing the system’s vulnerabilities, staff discovered other problems. For instance, one county election officer’s login credentials were clearly accessible online. Any person could have simply used the login information to penetrate sensitive data repositories. The hacker situation was alarming but a lack of security in others areas is just as alarming. Officials say that no internal data was changed but there is little comfort in that statement.
These examples are even more concerning because of the recent cyberattack on the Democratic National Committee’s supposedly secure network. As sophisticated and seemingly secure systems are penetrated, it appears obvious that less robust networks are also vulnerable. That is frightening as the nation prepares for a presidential election.
Every county’s electoral system is governed by the state where it resides. And there are more than 8,000 different electoral authorities that are supervised by local and state agencies. With limited funding allocated to election systems, the threat of a breach is very real in many regions of the U.S.
Even if cyber sleuths have no interest in swaying the outcome of an election, data stored in voting systems is very desirable. And, if cyber sleuths do care about swaying an election, it may not be that difficult.
Because there is great concern, many states have started to take action. Arizona instituted a Cyber Threat Response Alliance, a partnership with the Department of Homeland Security (DHS), the FBI and several institutions of higher education. The Alliance works to combat network vulnerabilities.
New Jersey has what is called a Cybersecurity and Communications Integration Cell. This partnership includes the federal government, other states and a number of local governments. The mission is to share information about cyberattacks and how to mitigate risks.
The state of Kansas uses the same election software as Illinois and Arizona, so officials are working diligently with DHS to identify weaknesses and improve firewalls.
As state and local governments try to bolster their cybersecurity readiness, it is important to also remember that many data breaches come down to human error. To respond to this issue, some states have launched training programs related to the basics of cybersecurity. Missouri has about 40,000 state employees enrolled in some form of training course.
Citizens, taxpayers and the public at large expect secure government networks, fair and honest elections and protection of their sensitive personal information. One must hope that there will be enough funding and focus to ensure that those expectations are met.
Want to read more stories like this one? Check out the most recent editions of Government Contracting Pipeline and Texas Government Insider. SPI’s government contracting consultants assist firms of all types in selling to government. Contact them today.