{"id":16076,"date":"2020-03-03T15:13:28","date_gmt":"2020-03-03T11:13:28","guid":{"rendered":"https:\/\/me-en.kaspersky.com\/blog\/rsa2020-securing-elections\/16076\/"},"modified":"2020-03-03T15:13:28","modified_gmt":"2020-03-03T11:13:28","slug":"rsa2020-securing-elections","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/rsa2020-securing-elections\/16076\/","title":{"rendered":"Why securing elections is so hard"},"content":{"rendered":"<p>Assuming you have not been living under a rock \u2014 not looking at Twitter, Facebook, or Netflix and avoiding any news \u2014 you are probably aware that 2020 is an election year in the United States. If your disconnection goes beyond the past few years, you may also be unfamiliar with the 2016 election and discussions (for example, <a href=\"https:\/\/www.kaspersky.com\/blog\/great-hack-review\/27794\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">here<\/a> and <a href=\"https:\/\/threatpost.com\/newsmaker-interview-tom-kellermann-on-hacking-the-midterm-elections\/138791\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">here<\/a>) about election hacking and disinformation campaigns.<\/p>\n<p>At the recent RSA \u0421onference, I attended a panel entitled \u201c<a href=\"https:\/\/www.rsaconference.com\/usa\/agenda\/why-is-securing-elections-the-hardest-problem-in-it-security\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Why is securing elections the hardest problem in IT?<\/a>\u201d with Mary Hanley, Harri Hursti, Philip Stark, and Dan Webber.<\/p>\n<p>Making the panel a bit more timely (aside from this being an election year) is that a lot of election-based stories have been popping up in the news regarding <a href=\"https:\/\/www.nbcnews.com\/politics\/2020-election\/how-iowa-caucuses-fell-apart-tarnished-vote-n1140346\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">issues with the Iowa caucuses<\/a>, as well as an <a href=\"https:\/\/www.wired.com\/story\/opinion-coronavirus-may-disrupt-the-2020-election-we-need-a-plan\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">op-ed in <em>Wired<\/em><\/a> about the need to protect the 2020 US election from both the novel coronavirus and hacking \u2014 with mail-based voting.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">What if coronavirus \u2013 or disinformation about it  \u2013 prevents ppl from going to polls this yr to vote? More ppl than ever before are using mail-in ballots so this won\u2019t be issue for them. But many are not. I hope no one uses this to push for mobile voting <a href=\"https:\/\/t.co\/h60gq87zNb\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/h60gq87zNb<\/a><\/p>\n<p>\u2014 Kim Zetter (@KimZetter) <a href=\"https:\/\/twitter.com\/KimZetter\/status\/1232329419882024962?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">February 25, 2020<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<h2>Local execution vs. global threats<\/h2>\n<p>Over the course of the 30-minute panel, the speakers covered everything from the history of <a href=\"https:\/\/www.wired.com\/story\/darpa-voting-machine-defcon-voting-village-hackers\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">hacking election machines<\/a> at DEF CON to our current issues, the lack of trust and the viability of both trust and the technology associated with election machines.<\/p>\n<p>The first and perhaps biggest issue elections face is that they are managed locally and use varying systems. On top of that, election machines were purchased many years ago and were simply not designed for our connected world, in which nation-states and others subject them to attack. Now, if you think about local execution, we are talking about putting states and municipalities up against the cyberpowers of nations looking to interfere with or destabilize confidence in an election.<\/p>\n<p>Our panelists offered some ideas that anyone can put into action to help ensure the election system\u2019s integrity. The first and easiest is to push for transparency in the system, which can mean anything from speaking up in local meetings with politicians to pushing for open audits that the public can look at and see that this is being taken seriously.<\/p>\n<p>Another is to volunteer to be a poll worker. The panel pointed out that many people working in the security field can use their day-job skills to help point out when something looks awry.<\/p>\n<p>Perhaps the simplest of the things that one can do is vote. You may feel apathy or lack of trust, but voting is a clear way to make your voice heard.<\/p>\n<h2>What does the future hold?<\/h2>\n<p>We all know that new technologies can be hacked, no news there. But voting systems can and should be fixed. Ensuring transparency and increasing the public\u2019s faith and trust in voting systems will require collaboration among public and private organizations.<\/p>\n<p>In the private sector, some companies are working on new technologies to help bring back security and trust in elections. Some of the solutions include <a href=\"https:\/\/polys.me\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Polys<\/a> from Kaspersky, which has been tested in a number of municipal elections, as well as Microsoft\u2019s <a href=\"https:\/\/www.cnbc.com\/2020\/02\/18\/microsoft-electionguard-software-gets-first-test-in-fulton-wisconsin.html\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">ElectionGuard<\/a>.<\/p>\n<p>Now, I am not a fortune-teller. Nor are the panelists. All I can do is believe in the system and seek transparency. I hope the collaborations we learned about from this panel come hand in hand with increased security, restoring our trust and making the evening news a bit less alarming.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>At the RSA Conference 2020 in San Francisco, a panel of experts discuss the issues with securing elections.<\/p>\n","protected":false},"author":636,"featured_media":16077,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1318,1916],"tags":[1308,2245,1567,977,2246,1289],"class_list":{"0":"post-16076","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-enterprise","9":"tag-blockchain","10":"tag-elections","11":"tag-polys","12":"tag-rsa-conference","13":"tag-rsa2020","14":"tag-rsac"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/rsa2020-securing-elections\/16076\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/rsa2020-securing-elections\/19456\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/rsa2020-securing-elections\/21094\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/rsa2020-securing-elections\/19365\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/rsa2020-securing-elections\/17848\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/rsa2020-securing-elections\/22019\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/rsa2020-securing-elections\/7867\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/rsa2020-securing-elections\/33871\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/rsa2020-securing-elections\/14432\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/rsa2020-securing-elections\/13121\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/rsa2020-securing-elections\/26989\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/rsa2020-securing-elections\/26828\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/rsac\/","name":"RSAC"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/16076","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/636"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=16076"}],"version-history":[{"count":0,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/16076\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/16077"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=16076"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=16076"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=16076"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}