It’s Nov. 3, Election Day: You go to the polls at the school where you’ve cast your ballots for the last 15 years, only to be told you are no longer on the voter registration list. And according to your state’s online database, you’re now supposed to be voting at a church 15 miles away.
You’re confused, angry and late for work. So, you don’t vote. And your candidates of choice lose.
How would you feel about those who won, much less the democratic process, after that?
Attacking voter registration databases is one of the many ways threat actors could attempt to tamper with this year’s presidential election. After the 2016 election cycle, U.S. intelligence officials concluded that hostile nation-state actors attempted to access voter files in all 50 states and succeeded in some states, including Illinois.
These and other kinds of compromises, such as ransomware that could deny election officials’ access to critical voter data during the 2020 election, could undermine confidence in U.S. institutions and the perceived legitimacy of those elected.
The mistrust and divisiveness that could result among the American people would be a big win for our adversaries — and a critical loss for us.
Compounding the challenge is that every state manages its own election processes, systems and data. This arrangement typically includes not only secretaries of state and election directors, but often other organizations that support voter registration, like motor-vehicle departments.
While there’s no one-size-fits-all patch, the good news is that states can quickly protect their voter registration databases quickly and efficiently by following a few best practices. And some states are already taking steps to protect their databases, such as Iowa, where Secretary of State Paul Pate and the CIO’s office have teamed up to implement an application that allows them to track changes to the voter database. All statewide election chiefs and the technology officials they work with should ask themselves a few basic questions.
Are communications between organizations secure? States need to have steps in place to evaluate, protect, and authenticate communications with the external systems that share and validate voter information, such as motor vehicle authorities, ensuring that connections are secure and do not offer points of entry for external attacks.
Can cyber attackers breach external and internal network defenses? While achieving 100 percent security is very difficult, you can mitigate risk considerably by deploying network segmentation, additional firewalls and intrusion detection layers and email and web content filtering to detect and halt attacks made through network connections.
Are you limiting the people who can access the database? The number of election officials and vendor employees can add up, particularly in big election years. Limit the number of people who can change voter registration content only to those most necessary. You can do this by implementing role-based access, multi-factor authentication and device access control. In addition, put in monitoring systems to trigger alerts to management when someone does make a change — and keep a record to make auditing easier.
What if the worst happens and your voter database crashes or is corrupted right before an election? This could be devastating. Yet the fundamentals are the same for any organization that needs to protect their most important data assets. You need to have a data integrity and recovery plan including regular backups, frequent system audits and clear recovery plans to mitigate damage.
Identify test failover methods to ensure continuity of operations, even if the system fails during an election. With the right planning, even a database that’s under attack can be resilient enough for you to achieve your mission of holding a fair election.
Intelligence and cybersecurity officials have warned repeatedly that after the events of 2016, foreign governments are almost certain to attempt to interfere in our elections this year. That’s why all state officials and their technical colleagues need to ask themselves hard questions and apply the best solutions.
We need to be able to trust our elections. And to do that, we must protect our voter registration databases.
Samuel S. Visner is the director of the National Cybersecurity Federally Funded Research and Development Center, operated by MITRE. He recently managed research on preserving state voter registration database integrity, and is also a professor of cybersecurity policy, operations and technology at Georgetown University.