Election Interference Attacks More than Voting Machines

By Veriato Team

Patrick Knight, Senior Director of Cyber Strategy and Technology at Veriato, spent 12 years in the U.S. Intelligence Community in the fields of Signals Intelligence and Cryptanalysis and, since 2001, has worked in the commercial online security sector developing technologies including encryption,

When election interference is discussed, you probably think of “fake news” social media plots or hacked voting machines that manipulated outcomes. The truth is much more complicated. Election interference can come in many forms and have consequences that last long after an election cycle. Fortunately there are security measures elected officials, campaigns, and anyone with access to voter information can – and should – take to defend against election interference.

Insider Threats

Not all election interference efforts are coordinated by foreign or outside entities. In fact, insider threats constitute a massive security concern for any voter or campaign group.

Unprotected Voter Information

In August of this year, more than 14 million voter records in Texas were found on an unprotected server. While much of that information was available publicly, not all of it was. This is just one example of inadequate cyber security measures plaguing campaign groups and officials. Voter information should be placed under proper cyber security and anyone with access to it should be educated on security protocols to keep that information private.

Broad Permissions

Currently, anyone with access to a state’s voter registration, including those at the U.S. Election Assistance Commission, has the ability to change information or remove it entirely. This information should be much more rigorously restricted to limit its risk of exposure. Any voter database should have controlled access and those permissions should be thoughtfully considered and only granted if absolutely necessary. When it comes to cyber security, the fewer routes of access to information, the safer the information is.

Malicious Insiders

Unfortunately, all organizations are at risk of malicious insiders – employees who seek to use their inside access to undermine the organization or use its information for harmful purposes.  To protect from these threats, employee monitoring software can be deployed, which detects suspicious user activity. IT teams can then act to protect data before the malicious actor carries out any harmful acts.

Insufficient Security for Employees

Employee education is key for a strong cyber defense. Employees with weak passwords or who don’t use multi-factor identification aren’t just a risk to themselves; they are a risk to the organization and every person whose information they can access. Weak user security creates opportunities for hackers to penetrate organizations and manipulate or use voter information.

Far-Reaching Consequences Of Election Interference

Of course the obvious concern with election interference is manipulated results and changed election outcomes. However, the consequences can be even darker and have long-lasting effects on our democratic system.

Voter Distrust

If voters suspect their information isn’t protected or that officials don’t value their privacy, people could lose faith in the electoral system. Even with an isolated event, election interference and voter fraud creates a panic where voters worry about the extent of the interference and the validity of the entire campaign process and election. If people start to distrust the power of their vote, then they might lose motivation to participate in public elections.

Change Campaign Efforts

If voter information becomes available to competing parties or candidates, those campaigns are going to adjust their messages. Voters could receive targeted ads, or ads with false messages put out to damage a competing candidate. While this messaging happens to some extent today, it could worsen if election interference leads to voter information hacks.

Security Measures To Implement To Combat Election Interference

Implement a Cyber Security Framework

All elected officials and campaigns should have a strong cyber defense established. Treat your information as sensitively as you would healthcare or banking information –because it is.

Deploy Employee Monitoring Software

Consider investing in this software to protect your information from insider threats. As we’ve discussed, voter information and systems are at risk of employees who have access to them – whether malicious or accidental. Employee monitoring software tracks user activity and alerts you to potentially dangerous behavior so you can stop election interference from escalating.

Utilize NIST resources

The National Institute of Standards and Technology has great resources on how to set up a cyber security framework. The President has also asked the NIST to establish guidelines for small and medium businesses, so those security practices will be forthcoming. Prioritize cyber security and use the resources that are out there to help you protect your information and your voters.

Establish a breach protocol

Set up a plan for if – and when – election interference happens. Plan steps to contain the leak and minimize exposure. Make sure to include transparency in your protocol. The best voters are informed voters. If your system was compromised, tell them. Explain that they may receive communications that appear to be from you, but are from a malicious party. Voters don’t appreciate being kept in the dark. Then tell them what you’re doing to fix the problem and keep their information safe.

Election interference can come in many forms – and the variety of attacks is what makes it so formidable. Campaigns and officials should start by securing their systems from the inside. Doing so will protect our voters and the democratic process they believe in.

2023 Preparedness Checklist: Ensure Your Workforce Is Productive and Secure

This guide will help you understand where there are opportunities and risks in your workforce, and what you can do to make sure 2023 is as secure and productive as possible with workforce behavior analytics.

About the author

Veriato Team
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida.

Productivity & Insider Risk Resources

A More Insightful, Proactive Approach to Employee Monitoring

A More Insightful, Proactive Approach to Employee Monitoring

Also known as “bossware” and even “employee surveillance”, employee monitoring has been placed in the bucket of technologies that companies force on their employees. Whatever you call it, its use is on the rise and it looks like it’s here to stay. As of 2022, 60% of...

Bossware and the Future of Work

Bossware and the Future of Work

Recently, there has been considerable coverage of “bossware” and a focus on draconian types of “surveillance” some companies are using to stay on top of remote and flexible workforces. Articles claim companies are accessing the camera on laptops and tracking every...

The Myths and Truths of Employee Monitoring

The Myths and Truths of Employee Monitoring

Early in the pandemic, searches related to “how to monitor employees working from home” increased by 1,705%. Without the oversight of managers in an office setting, many companies are concerned that their employees are less productive, and that there is an increase...