The US government is taking steps to avoid any kind of interference in the 2020 presidential elections. The government is looking forward to launching a program that would effectively protect voter registration databases.
The voter registration databases were reportedly compromised in 2016 by Russian hackers. US Intelligence officers are concerned about the risk of data manipulation, disruption, or even deletion of voter registration data.
The Cybersecurity Infrastructure Security Agency is worried about the aftermaths of a ransomware attack on these systems. “Recent history has shown that state and county governments and those who support them are targets for ransomware attacks. That is why we are working alongside election officials and their private sector partners to help protect their databases and respond to possible ransomware attacks,” said Christopher Krebs, director of CISA.
Here is what the FBI had to say regarding this: “It is imperative that states and municipalities limit the availability of information about electoral systems or administrative processes and secure their websites and databases that could be exploited.”
By this program, CISA aims to contact state election officials to raise awareness and prepare them for such ransomware attacks which involves distributing educational material, performing computer penetration tests and vulnerability scans.
The program also has a list of measures on preventing and recovering systems after a ransomware attack. However, it does not explicitly mention if the victims should pay the ransom money to regain access to the system or refuse to do so.
“A pre-election undetected attack could tamper with voter lists, creating huge confusion and delays, disenfranchisement, and at large enough scale could compromise the validity of the election,” said John Sebes, chief technology officer of the ESET Institute.
Computer systems that store this kind of sensitive data are often not so secure from expert hackers. Also, the data is lost forever if the system is compromised and the victim does not have a recent backup. This is extremely terrifying on critical pieces of information like voter lists. I hope this program will efficiently increase data security. What do you think of this program? Let us know in the comments.