Despite hype, level of election cyberthreats is uncertain
As Americans go to the polls to vote in a hotly contested election, federal officials will be behind the scenes watching for malicious cyber activity, even though there won't be much they can do in response.
As candidates, pollsters and political pundits wait for election results to roll in, federal officials are quietly holding their breath to see what, if any, cybersecurity surprises are in store.
State and local elections officials have been scrambling in recent months, with help from the Department of Homeland Security, to patch vulnerabilities and plug holes in the country's election system. But as FCW has reported, there is only so much that can be done, and vulnerabilities exist on a number of levels.
Top officials have sought to calm concerns by pointing out that the distributed, dispersed nature of voting systems renders them less vulnerable to large-scale attacks or manipulation.
The questions now are: Was enough work done to secure the most vulnerable parts of the election chain? Was it the right work? Will any of the potential election hacks take place? And what, if anything, can DHS, the FBI and others do on Election Day?
Federal cybersecurity officials' level of involvement in state-level election preparation is unprecedented, said Ann Barron-DiCamillo, former director of the U.S. Computer Emergency Readiness Team at DHS. "But we've also had an unprecedented amount of activity and chatter that has...made that a prerequisite in this election."
Barron-DiCamillo told FCW that there isn't much DHS can do on Election Day, either legally or technically, to respond to cybersecurity incidents because voting is handled by state and local authorities.
"I think the biggest thing [DHS] can do is really be that central repository or central location for communication so if something is trending or starting to occur in one part of the country, they can get that shared really quickly," she said. "One person's detection is another person's prevention."
In addition to sharing information with state and local officials, she said DHS will need to communicate and coordinate with the private sector, especially the large internet service providers.
The recent Mirai botnet attack that hijacked internet-of-things devices could have been a drill for a larger attack on Election Day, Barron-DiCamillo said, and that would require mitigation coordination between DHS and the ISPs.
She also said DHS and other federal agencies would likely have pre-positioned "tactical teams" and specialists in areas where there have been significant threats or concerns of possible malicious activity.
DHS did not respond on an official level to multiple requests for comment about its Election Day posture and procedures, though one employee told FCW there were no signs at the operational level of a large-scale mobilization to respond to Election Day cybersecurity incidents.
FBI officials told FCW in an email message that they have been "working with our state and local partners and providing them with threat indicators that we've observed during the course of our investigations" to help them guard against Election Day attacks. The FBI also has election crimes coordinators standing by at all 56 field offices nationwide.
The National Governors Association issued a statement on Nov. 4 expressing its confidence in the electoral system. "NGA works daily with state officials, election administrators and cybersecurity experts who, for many years, have worked diligently to secure our election systems against disruption or compromise," the statement reads.
But given the extensive hacking of the Democratic National Committee and the probing of state election databases, federal cybersecurity officials will likely be as anxious as the candidates when the polls open.