Protecting the Next Election – The Role of the Private Sector
A message from NC4 President, Jim Montagnino
In late July 2017, cybersecurity experts met in Las Vegas at the annual DEF CON computer security conference. Computer hackers demonstrated the ability to hack into U.S. voting systems - and it took less than two hours. This disturbing development comes as the U.S. authorities are investigating efforts by the Russian Government to interfere in the 2016 Presidential election. The Russians conducted a multi-faceted intelligence operation that used a combination of traditional propaganda and influence tactics as well as a series of cyber-attacks, seeking to obtain and exploit sensitive data.
There is still some debate regarding to what extent, if any, the Russian intelligence services succeeded in changing the results of our 2016 Presidential election. But the fact that they conducted this operation is undeniable. Their tactics included cyber-attacks against the Democratic National Committee's data system and a campaign chairman's email account, and the release of hacked information by a third party. The Russians also sought to hack into dozens of state voter registration systems. Tactics also included the sophisticated use of social media, targeting specific areas of the United States, to spread misinformation for the express purpose of influencing voters' opinions about issues and candidates. Americans took solace in reports that the actual voting systems used in states across the Nation were immune to cyber-attacks. We have now learned that our solace was misplaced.
Also, as part of this intelligence operation, Russian agents used a well-organized network of "trolls" and social media technologies to conduct what has been described by the U.S. Government as the "boldest" influence campaign targeting the United States. Russia, through this campaign, sought to influence voters with targeted misinformation.
There have been calls for a comprehensive, national effort to protect our election systems and voter information. It should include extensive coordination between the Department of Homeland Security and state and local officials to identify and address areas where election and voter registration systems may be vulnerable to cyber-attack, share intelligence about potential threats, and support upgrades to enable rapid detection and mitigation of attacks as they are unfolding. Political campaign headquarters also must be equipped with advanced cybersecurity tools and encryption capabilities.
It is time for action. The 2018 election is literally months away and as a nation we can ill-afford long, protracted policy discussions on the issue of protecting election-related systems followed by an equally long period of research and development intended to develop technical solutions over a 3-5 year period. And the good news is that the Nation doesn't need to. Government can, and should turn to private sector companies for support. Over the last several years significant progress has been achieved in creating commercially available tools that when bundled together can protect against the type of attack recently conducted by the Russians. And I hope that as Federal and State officials look to expanding protections around our election infrastructure, they will turn to the private sector and to commercially available solutions that can protect networks and data as well as enhance human-to-human and machine-to-machine information sharing.
For example – I am proud to report that NC4® has spent well over a decade working with government and private sector entities to develop state of the art cyber defense tools that enhance the ability of individual companies and entire industry sectors to rapidly detect and mitigate cyber threats. NC4 has created a
Cyber Defense Network™ whose main goal is to execute defensive actions rapidly in a vendor-agnostic manner to significantly improve the effectiveness, efficiency and timeliness of cyber defense. Cyber-attacks can propagate across the Internet quickly, and enabling a rapid response can mean the difference between a minor incident and a massive data breach. Effective cyber solutions use a combination of people who can make rational decisions based on data, technology to sift through the volume of data to find information that requires attention, and processes to make decisions quickly and effectively.
The Cyber Defense Network brings together the tools to quickly share cyber threat intelligence and translate automated threat intelligence into action. There are two major components to this type of active cyber defense:
- Secure collaboration-based information sharing tools that allow analysts to discuss common threats and to share defense tactics with trusted peers. When trust is engaged, analysts can enrich their threat information, rate threats and defense methods and generate a better response to cyber-attacks.
- Automated triage of cyber threat intelligence to take data from disparate sources and normalize the data into actionable intelligence. Normalizing data into a common format using protocols such as STIX/TAXII can speed the rate of information sharing (instead of using proprietary or non-standard data formats). This intelligence in turn can be automated to update security information and event management (SIEM) software to generate firewall rules and activate other cyber defense measures.
NC4 also provides social media tools to detect malicious social media attacks. NC4 Signal™ is a tool used to provide operational intelligence around threat actors who are using social media as a means to propagate attack vectors. NC4 Signal can help to identify threat actors and misinformation early in the process. Using keywords, geolocation tools and defined search criteria, it becomes much easier to filter through the noise to identify trends and targeted attacks.
These types of commercial tools are already available and can help us better prepare for the upcoming election season by providing a way to detect cyber threats and threat actors early. With that information, we can better defend our election process and our democratic system.
Back to Cyber Security | Back to All Categories