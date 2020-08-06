US boosts its election cybersecurity

AP, ATLANTA, Georgia





State and local officials in the US are to receive additional tools from the federal government to help defend the nation’s election systems from cyberthreats ahead of voting in November.

Under a US$2.2 million pilot program that began in March, the US Department of Homeland Security’s cybersecurity agency in partnership with the Center for Internet Security has been deploying software to election offices. It is then placed on devices, including laptops and servers used for voter registration and reporting vote totals, to detect malicious activity.

The program was highlighted on Tuesday at a US House of Representatives committee hearing.

“This is the next step, the evolution of helping state and local entities,” said Matt Masterson, a top cybersecurity official within the department. “This really advances their ability to protect their networks.”

Thirty state election offices have already integrated the so-called endpoint detection and response tools, which are routinely used in the private sector, but are less common at the local level.

Through the federal program, officials expect to have this deployed in at least nine additional states by November. Fewer than 100 local government agencies have signed up so far.

Endpoint detection is a key component of network defense designed to detect intrusions early. The software identifies known threats as well as suspicious behavior that could indicate an attack.

“The threat actors are creating over a million new strings of malware a day,” said Michael Atkinson with FireEye, a leading cybersecurity firm that provides such software. “If you don’t have the capacity to search in your endpoint infrastructure for the bad guys and have human cybersecurity experts work on that for you, in the end, compromise will likely be inevitable.”

Under the program, Center for Internet Security analysts would receive alerts of suspicious activity, allowing them to monitor and track it across jurisdictions with the goal of early detection and mitigation.

Officials said that the effort was just the latest in steps taken to shore up cybersecurity since the 2016 presidential election.

“While there are no guarantees in cybersecurity, I can assure you that the security defenses we have in place for November 2020 are vastly improved over those in place a short four years ago,” Center for Internet Security president and chief executive officer John Gilligan told the House Committee on Homeland Security.

Russian agents allegedly targeted election systems leading up to the 2016 presidential election. While no evidence surfaced that any votes were altered or voter data manipulated, the actions by a foreign adversary to scrutinize the US’ election systems for vulnerabilities prompted changes including enhanced security protocols, more rigorous and regular security reviews and improved information-sharing across federal, state and local governments.