Ahead of election season, cybersecurity agency releases toolkit to help secure local systems

As summer draws to an end, another season, which can be just as blisteringly hot at times, is heating up: Election season. Besides the steady drumbeat of headlines that accompany election cycles, voting presents an emerging annual challenge for administrators as systems move increasingly closer to the digital realm, and as cyberattacks become more commonplace.

“Each day, state and local election officials confront threats to their infrastructure from foreign interference, nefarious actors, insider threats, and others,” said Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, in a statement highlighting a new cybersecurity toolkit launched by the federal organization. It’s intended “to help them in their ongoing efforts to ensure American elections remain secure and resilient.”

The resource, “Protecting U.S. Elections: A CISA Cybersecurity Toolkit,” is designed by the cybersecurity agency as a “one-stop catalog of free services and tools available for state and local election officials” as they prepare for election season, to “improve the cybersecurity and resilience of their infrastructure.”

It was developed through CISA’s Joint Cyber Defense Collaborative, a collection of public and private organizations that was created as a way to drive collective action across the cybersecurity community. The partnership that worked on this initiative included officials in the election community. 

For ease of use, the toolkit is organized into a few categories to help election officials assess their risk, find tools related to protecting voter information, websites, email systems, and networks; and protect assets against phishing, ransomware, and other types of attacks.

According to CISA, cybercriminals might in coming months try to compromise or manipulate electronic poll books and voter registration databases to try and cause confusion or delay voting on Election Day. Websites for state and local governments could also be targeted by phishing or ransomware attacks. Other potential targets include email systems and networks, targeted using phishing or malware to infiltrate local election networks that offices rely on for regular business functions.

A warning from the FBI’s cyber division to local governments earlier this year called on administrators to take the threat seriously.

“Ransomware attacks against local government entities and the subsequent impacts are especially significant due to the public’s dependency on critical utilities, emergency services, educational facilities, and other services overseen by local governments, making them attractive targets for cyber criminals,” reads a brief about the danger local governments face. “Victim incident reporting to the FBI between January and December 2021 indicated local government entities within the GFS (Government Facilities Sector) were the second highest victimized group behind academia.”

To safeguard systems, CISA recommends implementing the following before using the toolkit to address specific concerns: Scan systems with CISA’s Cyber Hygiene Services Vulnerability Scanning; update systems and software and prioritize remediating known exploited vulnerabilities; follow password best practices like multifactor authentication enforcement; and regularly make offline backups of data.