CISA Director Identifies Main Targets of Russian Adversaries in Election Security Efforts

Lightfield Studios/Shutterstock

Appeals made to the information security community apply just as much to the average voter—the last line of defense is a patient voter.

Interagency collaboration has informed a focus on defending election night reporting and voter registration databases from ransomware attacks by Russian adversaries, Cybersecurity and Infrastructure Security Agency Director Christopher Krebs told attendees of the annual Black Hat information security conference Wednesday.

“What we’ve been able to do is distill down their target sets,” he said. “When we look in certain corners of the world where the Russians are active, we can figure out what they’re going after there, so we can bring that understanding back here and harden, spend that last dollar.”

Krebs credited the strength of CISA’s partnerships across the federal government, particularly with the National Security Agency and Cyber Command. In particular, he said, information gathered by Cyber Command, which has worked on proactive defensive measures with partners in Ukraine, northern Macedonia and Montenegro, led CISA to launch a ransomware initiative for election security last summer that’s focussed on those internet-connected systems.

“We bring that understanding back,” he said “and that’s what’s behind the ransomware initiative launched last year which is about protecting those things that are connected, and hardening them as best we can.”

Krebs outlined a number of reasons to be optimistic about the 2020 election, noting that compared to where the country was this time four years ago, the difference is “like night and day.” 

In addition to establishing structures for election officials to communicate about threats and best practices, and sensors to detect intrusions set up in all 50 states, Krebs highlighted that 92 percent of jurisdictions have paper-based back-up systems to enable audits and resilience of the process in the event something goes wrong. 

But with the emergence of the pandemic, the most important factor in election security is the individual voter. 

He stressed that the virus likely holds change for voters. Schools and elder care facilities, for example, are places where people might usually vote but they may not be available. And the rules for mail-in voting systems vary from state to state. 

“It’s up to you to identify how you’re going to vote, have a plan,” he said. “On November 3, it’s quite possible that we won’t know who won the election. That’s why we need you, we need everyone, to be a more patient voter, to wait until the vote has been certified and we know who the winner is. The last measure of resilience in the 2020 election is going to be an informed, patient voter. It’s going to take time to count the vote. Whether it’s absentee ballots coming in, whether it’s longer lines, whatever it takes, it’s going to take a little more time.”