How Secure Are Our Voting Systems in the United States?

In partnership with

We are sitting at the intersection of cybersecurity and artificial intelligence in the enterprise and there is much to know and do. Our goal is not just to keep you updated with the latest AI, cybersecurity and other crucial tech trends and breakthroughs that may matter to you, but also to feed your curiosity.

Thanks for being part of our fantastic community!

In this edition:

• Did You Know - Election Security

• Original Article - How Secure Are Our Voting Systems in the United States?

• Artificial Intelligence news & Bytes

• Cybersecurity News & Bytes

• AI Power Prompt

• Social Media Images of the Week

 Did You Know - Election Security

• Did you know that over 90% of votes in the U.S. are cast on machines that produce a paper trail, allowing for audits and recounts?

• Did you know that the U.S. Election Assistance Commission (EAC) certifies voting systems to ensure they meet rigorous security standards?

• Did you know that 45 U.S. states use some form of post-election audit to verify the accuracy of election results?

• Did you know that Risk-Limiting Audits (RLAs) are considered the "gold standard" for verifying election outcomes and have been adopted by over 10 states?

• Did you know that many states use air-gapped voting machines, which are physically isolated from the internet to prevent cyberattacks?

• Did you know that in the 2020 U.S. election, 31 states and Washington D.C. used voter-verified paper ballots, enhancing election integrity?

• Did you know that biometric voter authentication methods, such as fingerprint and facial recognition, are being tested in several countries but not widely used in the U.S.?

• Did you know that cybersecurity experts recommend regular "red team" assessments to simulate attacks on election infrastructure to identify vulnerabilities?

• Did you know that disinformation campaigns pose a significant threat to voter confidence, even when election systems themselves are secure?

• Did you know that voting machine manufacturers must adhere to strict Federal Information Processing Standards (FIPS) to protect the integrity of their devices?

• Did you know that voter registration databases are frequently targeted by cybercriminals, but most states have implemented advanced encryption to protect them?

• Did you know that Distributed Denial of Service (DDoS) attacks can disrupt election websites, but robust mitigation strategies have been adopted by many state election offices?

• Did you know that end-to-end encryption is used in some electronic voting systems to ensure the confidentiality and integrity of votes?

• Did you know that more than 80% of U.S. voters believe election security should be a top priority for local, state, and federal governments?

• Did you know that some states have implemented multi-factor authentication (MFA) for election officials to access voting systems, adding an extra layer of security?

• Did you know that every major voting system used in the U.S. undergoes penetration testing by third-party security firms before being approved for use?

• Did you know that many states now use blockchain technology to secure voting records and ensure tamper-evident election results?

• Did you know that federal agencies like the Cybersecurity and Infrastructure Security Agency (CISA) provide election security resources and guidelines to help local officials defend against cyber threats?

• Did you know that misconfigurations and human error pose the greatest threat to the security of U.S. voting systems, even more than direct hacking attempts?

Article: How Secure Are Our Voting Systems in the United States?

Can We Be Sure Our Votes Are Counted Accurately?

Part 1: The State of Voting System Security

As the 2024 presidential election looms on the horizon, concerns about the integrity of our voting systems have once again taken center stage. The recent spate of high-profile hacking incidents and election interference attempts has left many Americans wondering if their votes are truly being counted accurately. But just how secure are our voting systems? In this article, we'll delve into the latest statistics and research to uncover the truth behind the security of our voting systems.

The State of Voting System Security

According to a recent survey conducted by the Cybersecurity and Infrastructure Security Agency (CISA), 40% of responding election officials reported experiencing security incidents or concerns during the 2020 elections (CISA, 2021). Moreover, a staggering 64% of these incidents were attributed to human error, highlighting the need for comprehensive training programs for election officials. This is a concerning trend, as human error is often the weakest link in the security chain. For instance, a simple mistake in configuring a voting machine or a misstep in the vote-counting process can have far-reaching consequences.

However, it's not just human error that threatens our voting systems. Using outdated voting machines and software also leaves our elections vulnerable to hacking attempts. A 2020 report by the Brennan Center for Justice found that 45 states use voting machines at least a decade old, with 14 states still using machines with no paper record of votes (Brennan Center, 2020). This lack of paper trails makes it nearly impossible to conduct accurate recounts in the event of a dispute. Furthermore, many of these outdated machines rely on outdated operating systems, such as Windows XP, which are no longer supported by their manufacturers and are therefore more susceptible to cyber threats.

The Threat of Foreign Interference

Foreign interference in our elections is a growing concern, with the CIA, FBI, and NSA all concluding that Russia interfered in the 2016 presidential election (ODNI, 2017). But it's not just Russia; other nations, such as China and Iran, have also been implicated in election interference attempts.

In 2019, the Council on Foreign Relations reported that 40% of states had experienced some form of foreign interference attempt, including hacking and disinformation campaigns (CFR, 2019). Moreover, a 2020 National Association of Secretaries of State survey found that 70% of responding secretaries reported concerns about foreign interference in upcoming elections (NASS, 2020).

Despite these concerns, steps are being taken to address the security of our voting systems. Many states are investing in new, more secure voting machines, and some are even exploring the use of blockchain technology to ensure the integrity of the vote-counting process. However, as we move forward, we must stay vigilant and proactive in addressing the emerging threats to our voting systems.

As we've seen, the security of the voting system in the United States is complex and multifaceted. While there are certainly concerns, there are also opportunities for improvement.

The Impact on Voter Confidence

These security concerns have had a significant impact on voter confidence. A 2021 Gallup poll found that only 59% of Americans are confident that votes will be accurately cast and counted in future elections, down from 70% in 2020 (Gallup, 2021). This erosion of trust in our electoral process could have far-reaching consequences for the stability of our democracy.

Moreover, the proliferation of misinformation and disinformation campaigns on social media platforms has further exacerbated these concerns. A study by the Pew Research Center revealed that 64% of Americans believe that fake news and information significantly impact their confidence in government institutions, including the electoral system (Pew Research Center, 2019).

As we grapple with these challenges to the security and integrity of our voting systems, it's clear that new strategies and solutions are needed to address both existing and emerging threats. In the next section, we'll explore some of the most pressing emerging threats to our electoral process and discuss potential solutions that could help safeguard the future of American democracy.

Stay Tuned for Part 2: Emerging Threats and Solutions

In the next edition of our newsletter, we'll explore the emerging threats to our voting systems, including the Dark Web, machine learning, the rise of deepfakes, the use of artificial intelligence in election interference, and the growing concern of insider threats.

We'll also examine the innovative solutions being developed to address these threats, from advanced cybersecurity measures to new voting technologies. Can we be sure our votes are counted accurately? The non-political answer may surprise you.

Sources:

Pew Research Center, Brennan Center for Justice, CISA, NASS, ODNI, & CFR

Also, please share this newsletter with others using this link: https://www.cybervizer.com, if you don’t mind. Thank you.

Artificial intelligence News & Bytes 🧠

Cybersecurity News & Bytes 🛡️

If you are not subscribed and looking for more on cybersecurity take a look at previous editions of the Cybervizer Newsletter as it is loaded with cybersecurity and AI info, tips, prompts, and reviews.

The fastest way to build AI apps

• Writer Framework: build Python apps with drag-and-drop UI

• API and SDKs to integrate into your codebase

• Intuitive no-code tools for business users

Start building with AI Studio

AI Power Prompt

This prompt will act as a cybersecurity expert and will assist you in using external threat intelligence to determine the actual cybersecurity risk for an election polling site or location.

Imagine you are a cybersecurity expert tasked with evaluating the cybersecurity risk of an election polling site. To perform this assessment effectively, leverage external threat intelligence sources. Consider the following:

Polling Site Details: Describe the polling site’s digital environment, including the types of IT and OT systems in use (e.g., electronic voting machines, voter check-in systems, network devices). Specify physical security parameters as well.

Threat Intelligence Sources: Gather threat intelligence from multiple reputable sources, such as government advisories (e.g., CISA), private threat intelligence vendors, open-source intelligence (OSINT), social media analysis, and dark web monitoring. Consider recent threat actor campaigns, common tactics used against election systems, and specific regional threats.

Threat Landscape Analysis: Identify threat actors (nation-state actors, hacktivists, cybercriminals) that have an interest in disrupting or manipulating the election process. What is their motivation (e.g., political influence, destabilization, financial gain)? Consider whether any actors have historically targeted polling infrastructure.

Vulnerability Assessment: Identify known vulnerabilities in the systems and software in use at the polling location. Correlate this with the CVE database and consider specific vulnerabilities that threat actors may exploit during an election period.

Attack Vectors: Determine potential attack vectors specific to the polling site, such as Distributed Denial of Service (DDoS) attacks, phishing campaigns against poll workers, malware insertion in voting systems, ransomware, or supply chain vulnerabilities. Assess whether the site may be susceptible to insider threats, either through malicious insiders or through unintentional errors by election staff.

Historical Incidents: Analyze recent incidents involving election interference (e.g., 2020 U.S. elections, European elections) to understand methods previously employed by adversaries. How might these incidents relate to the current threat landscape?

Communication and Disinformation Risks: Assess potential disinformation or misinformation campaigns aimed at voters, which could disrupt voter confidence. Monitor online forums and social media for activity that suggests a campaign aimed at deterring or confusing voters at the polling location.

Physical Security Considerations: Determine how physical security (or lack thereof) might impact the cybersecurity posture. Consider threats that could lead to direct access to voting machines or network devices, and evaluate mitigation measures that are in place to prevent such access.

Risk Scoring: Create a risk score by evaluating the likelihood of various threat scenarios occurring (e.g., ransomware targeting voter registration systems, voter data breaches, disruptions of the site). Assess the impact each scenario could have on the integrity, confidentiality, and availability of election data and systems.

Recommendations: Based on your analysis, provide recommendations for mitigating the cybersecurity risks identified. These may include technical recommendations (e.g., applying specific patches, implementing network segmentation, enhancing endpoint protection), operational controls (e.g., additional training for poll workers), and strategic suggestions for collaboration with law enforcement or election oversight bodies.

Social Media Image of the Week

Questions, Suggestions & Sponsorships? Please email: [email protected]

This newsletter is powered by Beehiiv

Way to go for sticking with us till the end of the newsletter! Your support means the world to me!

Also, you can follow me on Twitter(X) @mclynd for more cybersecurity and AI.

Thank you!

If you do not wish to receive this newsletter anymore, you can unsubscribe below. Sorry to see you go, we will miss you!