Blog & Tools

Risks to democracy should make cybersecurity a higher priority

Election cybersecurity

Deception and chicanery have been an unwelcome part of American politics since the United States declared its independence from Great Britain in 1776.

It was inevitable that political trickery and fraud and would follow Americans online and become a big enough force to raise concerns about the integrity of the election process.

Several incidents in the recent past have brought to the surface concerns about cybersecurity as it relates to elections. They have demonstrated the need for the nation, as a whole, to make improving cybersecurity a higher priority.

In recent months, for example, hackers temporarily disrupted Republican presidential candidate Donald Trump’s websites with Distributed Denial of Service attacks to protest his actions. The Democratic National Committee also was hacked recently.

In Sweden, newspapers suffered similar malware attacks, apparently for reporting their nation’s strategy for dealing with Russian aggression.

In his book, “Lights Out: A Cyberattack, A Nation Unprepared, Surviving the Aftermath,” journalist Ted Koppel documents the vulnerability of the U.S. power grid. Large sections of the United States are just one, sophisticated cyberattack away from prolonged chaos.

The nation’s democratic foundation should not be allowed to slip into a similar state of weakness.

To cast informed votes, Americans always have had to sort through political exaggerations made by or on behalf of candidates. The Internet has expanded the base for rhetoric and made sorting through false claims more difficult than ever.

The greater concern is that cybercriminals could falsify the outcome of elections or destroy public confidence in the election process.

State and local election officials in SDN Communications' home state of South Dakota believe that election data is protected well. They have some related concerns, however.

South Dakota election data is stored through Microsoft Azure Government cloud service, which is highly regarded by the U.S. government. Data is encrypted and access to it is limited to officials through means as two-factor authentication, says South Dakota Secretary of State Shantel Krebs, the state’s chief election official.

“I’m confident with South Dakota’s election data base,” Krebs says. However, she would not support going to online registration or voting.

“I don’t feel confident yet with any system, at this point,” she says.

Minnehaha County Auditor Bob Litz says he would not be comfortable with online registration or voting, either. On the other hand, the potential for voting fraud with a system that uses uniquely stamped, paper ballots is minimal, he says. That’s the type of system Minnehaha County uses.

Not everything is paper. Local election data, such as new voter registrations, are scanned at the county seat in Sioux Falls and then uploaded electronically to the state storage system, Litz says.

“Even if someone did hack into our database, what are they going to do with it?” he asks. They could use the information for other scams, perhaps. But, “as far as tossing an election, I don’t see it happening,” Litz says. “I think we’re pretty secure.”

Pretty secure? Is that good enough?

It seems like greater national emphasis should be placed on information security.

Overall, the federal government seems to do a good job protecting the nation from physical threats, such as opposing armies. Terrorists who don’t value their own lives occasionally avoid detection and senselessly kill Americans. But few, if any, countries can match the physical strength of the United States in manpower or weaponry.

Cybersecurity is a newer, more complex and harder to assess the threat to the well-being of the nation. Because of the international nature of many cyber threats, private businesses can’t resolve the issue themselves. The federal government must take a leading role in the fight.

Promptly acknowledging problems such as data breaches helps victims, but isn’t the answer. Greater efforts should be made to protect the perimeter of targets.

Rather than simply blast each other on electronic media, candidates for president and Congress also should discuss cybersecurity in productive ways. It’s an issue that matters.

SDN Communications, the host of this blog, is the premier regional provider of broadband connectivity for businesses. Organizations and institutions. It is also a leading provider of cybersecurity services.