US Homeland Security charts plan to fight ransomware attacks on 2020 elections

News by Teri Robinson

The US plans to train state election officials in facing ransomware attacks by providing guidance and educational support as well as technical support through pen testing and vulnerability scanning

Concerned about cyberattacks on the 2020 elections after evidence that Russian hackers accessed voter registration systems in 2016, the Department of Homeland Security (DHS) introducing a new programme next month to protect the systems as well as voter registration databases.

 "Recent history has shown that state and county governments and those who support them are targets for ransomware attacks," a Reuters report quoted DHS Cybersecurity Infrastructure Security Agency (CISA) Director Christopher Krebs as saying. "That is why we are working alongside election officials and their private sector partners to help protect their databases and respond to possible ransomware attacks."

Another official said the government has assessed "these systems as high risk."

The CISA initiative will aid state election officials prepare for a ransomware attack by providing guidance and educational support as well as technical support through pen testing and vulnerability scanning.

Noting "the recent successes of ransomware crippling U.S. cities," Craig Young, computer security researcher for Tripwire’s Vulnerability and Exposure Research Team (VERT), said "it is only natural to expect that voter databases and other election resources will be targeted by not only political adversaries but also criminal opportunists looking for financial win."

He urged local governments "to have all their ducks in a row heading into the election cycle or else face very serious decisions. This means at a minimum, publishing a vulnerability disclosure policy as well as paying for expert advice."  

While the initiative is much-needed action after the "blatant attacks" of 2016, "it’s unfortunate that the focus on protecting U.S. elections is so narrow," said Tim Erlin, vice president of product management and strategy at Tripwire. "Ransomware has been in the spotlight lately, especially for government agencies. It’s a real concern, but it’s by no means the only concern for election security."

Erlin said that while "the world’s foremost and most outspoken democracy should be leading the way in establishing secure elections," it is instead "mired in political positioning to the detriment of free and fair elections."

But the government and election officials could "go beyond the minimum…by offeringbounty rewards to incentivise reports from the research community," said Young. "An even better way is to organise a Red Team engagement in which skilled simulated attackers will attempt to penetrate the organisation by any means and report back recommendations for increased security."

This article was originally published on SC Media US.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews