author photo
By SecureWorld News Team
Wed | Mar 21, 2018 | 8:54 AM PDT

Government cyber defense experts I've interviewed say the Russian government uses cyber much more flexibly than we do.

That "flexibility" includes manipulating and hacking elections to advance Russia's national interests.

And with Vladimir Putin winning (surprise!) the recent Russian election with more than 76% of the vote, the tactics he has employed will likely continue.

Against this backdrop, the U.S. Senate Select Committee on Intelligence has examined evidence of Russian attempts to target our election infrastructure during the 2016, and is making specific suggestions to protect U.S. elections in 2018 and beyond.

6 ways we must secure elections according to the U.S. Senate

  1. Re-inforce states' primacy in running elections
  2. Create effective deterrence: Establish new election cyber norms with other countries and "clearly communicate to adversaries that an attack on our election infrastructure is a hostile act, and we will respond accordingly."
  3. Improve information sharing on threats (now that's original... but some good sub-points)
    • Quickly and accurately attribute attacks
    • Create well-defined election security terms for clear communication
    • Homeland Security should expedite security clearances for certain state and county elections officials
    • Create plan for federal government to quickly warn elections officials
  4. Secure elections systems: "Enable two-factor authentication for those working in elections systems, develop an elections cyber specific risk framework, increase Homeland Security capacity to help with cybersecurity, and create approved vendor list state and local elections officials can turn to for cybersecurity help."
  5. Secure the vote itself: "States should rapidly replace outdated and vulnerable voting systems. At a minimum, any machine purchased going forward should have a voter-verified paper trail and no WiFi capability."
  6. Congress should find money for grants to states: "States should use grant funds to improve cybersecurity by hiring additional Information Technology staff, updating software, and contracting vendors to provide cybersecurity services"

Now let's see how many of these suggestions, if any, ever get implemented. We'll let you know.

Comments