National: States look to secure election results websites ahead of midterms | Kevin Collier/NBC
States are working to shore up what might be the most public and vulnerable parts of their election systems: the websites that publish voting results. NBC News spoke with the top cybersecurity officials at four state election offices, as well as the head of a company that runs such services for six states, about how they secure the sites. All agreed that while there was no real threat that hackers could change a final vote count, a successful cyberattack would be harmful for public confidence if hackers were able to breach the websites that show preliminary vote totals. “Election night reporting sites are very, very ripe for a perception hack, because they’re so visible,” said Eddie Perez, a board member at the OSET Institute, a nonpartisan, nonprofit organization that advocates for election security and integrity. The effort necessary is because it’s relatively easy to knock a website offline and deface it with simple cyberattacks. Vince Hoang, Hawaii’s chief information security officer, is well aware, having recently dealt with just such an attack. Last month, a hacker group called Killnet, which presents itself as a small group of pro-Russian hacktivists, announced plans to attack U.S. state government websites and air travel websites. While there’s no evidence Killnet stole any data or altered any files, it was able to temporarily keep some states’ sites from loading for hours with a series of distributed denial of service, or DDoS, attacks, unsophisticated cyberattacks that flood websites with traffic. One of its victims last month was Hawaii.gov, which also hosts the state’s election night reporting. Even though Hawaii uses Cloudflare, one of the top DDoS protection services, Killnet was able to render Hawaii.gov inaccessible for several hours.
Full Article: States look to secure election results websites ahead of midterms