Following the 2016 United States election interference and a number of incidents in other countries following that incident it has become clear that elections have become a natural target for cyber threat actors. Steve Ledzian, Chief Technology Officer of APAC at FireEye, sat down with GovInsider to share his insights and expertise on what areas of cybersecurity organisations need to pay more attention to.
What are the threats that cyber poses to elections?
The most obvious concern to consider is around manipulation of vote counting or voting registration record alteration. We haven’t seen evidence of this to date, but it’s not the only concern to be worried about. There’s also concerns around the targeting of election commission websites, theft of electronic voter data, compromises of political parties and campaigns and election influence through social media channels. We’ve observed activity in all of these adjacent areas.
Can you give some specific examples?
Last year we saw espionage actors target Cambodian public and private entities ahead of the nation’s July 2018 general election. This incident is a recent example of aggressive nation-state intelligence collection on election processes right here in Asia Pacific.
This year a sophisticated state actor compromised Australian political parties months before a federal election. This again appears to be an intrusion from espionage actors for intelligence collection rather than direct election tampering.
Similar election targeting through a coordinated social media campaign by cyber operatives was reporting in an effort to influence Taiwan’s elections.
While the most well-known instance of election interference is still the 2016 US elections, there are plenty of examples that this is very much an issue that countries in Asia Pacific need to be informed on and prepared for.
What has been some of the response to these incidents?
One approach is to consider treating elections as critical infrastructure. In the US for instance an election security Sector Coordinating Council has been launched.
To help reduce risk, pre-election preparation activities can be performed through proactive services. These could take the form of Table Top Exercises, Red Team Assessment, or Compromise Asessments. Utilizing threat intelligence on known threat actors, their malware and tactics, can also help scope down the problem for network defenders and others involved in securing elections.
Where can I learn more?
FireEye has launched a free centralized web resource for topics related to election security with top-level cyber threat intelligence and advice. This new site will host free webinars, event information, threat intelligence reports and effective solutions to tackle the issue from a technology perspective, as well as one of emergency management and response preparedness. We will also share examples of successful election protection frameworks that may prove useful to those looking for best practices.
The purpose of this resource is to bring heightened exposure to this important topic, in addition to helping governments stay informed on what steps they can take regarding free and fair elections. We think this is the first step in maintaining the confidence that voters have in the election process, and in making elections more secure across the globe.
This is a really timely topic, seeing as Singapore is having their general elections in 2020 and the barangay polls in the Philippines are happening next year as well. What can governments do to make elections more secure?
We believe the responsibility lies not just in government, but in companies and individuals as well. Everyone needs to be well-informed in order to stay one step ahead of cyber criminals.
As FireEye’s Chief Technology Officer for APAC, Ledzian advises public and private sector organisations on how they can remain protected against modern security threats. FireEye aims to provide peace of mind by protecting organisations and people from the impact and consequences of cyber-attacks with threat intelligence, expertise and professional services.
FireEye is at GovWare booth #E08 on 1-3 October.
GovWare is the region’s most established premier conference and showcase for cybersecurity, and is the cornerstone event of Singapore International Cyber Week. GovWare 2019 is taking place from 1 – 3 October at Suntec Singapore Convention & Exhibition Centre. Register for the event here.