As hackers become more sophisticated, state and local election officials must ramp up their IT expertise to protect registration data and elections results. “Elections offices have become IT offices that happen to run elections,” Jeremy Epstein, deputy division director of the National Science Foundation’s Division of Computer and Network Systems said at the Jan. 10 Election Assistance Summit. “We need to be focused on detection and recovery.” When Rhode Island Secretary of State Nellie Gorbea was appointed in January 2015, she made election security a priority by growing her IT department by 40 percent to deal with increasing threats. She also worked with legislative leadership to get more funding to replace old election equipment.
“We realized that our voting systems were outdated with 20-year old scanning systems that were at the point of breaking down,” Gorbea said. “In time for the 2016 elections, we were able to purchase ballot scanning machines that increased our security levels.”
… Part of the problem for election officials is that attacks on election systems are difficult to detect immediately, NSF’s Epstein said. Election officials in 21 states were not told by DHS about Russians attempting to hack into their systems until 10 months after the 2016 elections.
States that have requested free security screening services from DHS will get their systems tested for vulnerabilities before the 2018 midterm elections, according to Kolasky. DHS has completed security assessments for three states and expects to meet the 11 remaining requests by the middle of April.
Full Article: Elections: Another unsecured enterprise application? — GCN.