You’ve likely seen the media coverage describing the current state of election security, and if you only read the headlines the news isn’t good. From coverage of teenagers hacking election databases in ten minutes at DefCon Voting Village to hackers’ ability to easily manipulate votes on voting machines, the headlines paint a bleak picture. On the other side of the discussion, headlines from government and election officials refute these results by saying that the hacked systems are woefully inaccurate and insecure replicas of systems in unrealistic environments. They claim that the simulated systems bear no resemblance to current state election systems and environments. Unfortunately, the alarmist rhetoric on one hand and immediate discounting on the other do not lead to productive outcomes.
Beware of Broad Statements
In a stale-mate situation like this, it’s important to remember that macro-level statements are inaccurate because the granular facts matter. While it’s true that the DefCon environments which include Las Vegas hotel lobbies and election support website renderings are not indicative of the entirety of the Country’s election infrastructure, don’t mistake these results as invalid. They contain relevant indicators that there is room for improvement and that we should definitely ask questions and take actions to strengthen election security. This is a case where the details do matter. Elections occur at the micro level which means that is where we need to focus our efforts.
Sign up here
Our nation’s election infrastructure is a lot like our food supply – it is a connected and dependent ecosystem of local and regional elements that have enough separation to ensure they are not easily defeated in one fell swoop. It is nearly impossible to disrupt the nation’s food supply, but a small town is relatively easy to disrupt. Likewise, a county-by-county approach to affecting an election doesn’t poison the entire country’s election system. But when it’s your community affected, it matters a lot.
The Answers Are in the Details
The reason that our elections are secure at a macro level is the distributed nature of how they are conducted; likewise, the reason they are insecure is also because of the distributed nature that fragments the functions into parts that are vulnerable to attack. We have seen that motivated attackers are targeting many aspects of the election process, mostly local races and congressional districts which further emphasizes the point that our attention should be homed in at the micro level. However, we’re not going to get better at the micro level unless we look at the facts and listen to the details. The message may be a mess and the messengers may be getting a lot of the facts wrong, but we all need to listen and evaluate the merits without discounting the alarm bells we hear ringing.
About the author
Contact CyberDefenses today to learn how we can help your company’s cybersecurity needs.