After a quiet election night on the cyber front, officials preach vigilance as results come in
After years of preparation from security professionals and election officials, Election Day went down without any significant publicly reported cybersecurity incidents, U.S. officials told reporters Tuesday.
Federal and state officials were on watch for any unusual digital activity, but all in all, it was just “another Tuesday on the internet,” as a senior Cybersecurity and Infrastructure Security Agency official put it. In other words, there were no reports of targeted cyberattacks from U.S. adversaries.
Security experts chalked the smooth operation up to vigilance on the part of officials across the election ecosystem, and the resiliency built into the voting process. Voting machines and electronic pollbooks suffered glitches in certain counties in Georgia and Ohio, but they were technical errors that are to be expected and not caused by anything malicious. Election administrators quickly reverted to paper backups and the voting process carried on.
Officials at the Election Infrastructure Information Sharing and Analysis Center, the threat-sharing hub for election administrators, monitored for malicious cyber activity throughout the day — and will continue to do so as votes are counted. They used sensors deployed on state and local IT networks across the country to watch for anything untoward. But no significant attacks came to pass, according to officials.
“The uncertainty created by the pandemic put election officials and federal agencies like CISA on high alert for many months,” said Eddie Perez, global director of technology development and open standards at the nonprofit Open Source Election Technology Institute. “It appears as if that high state of readiness paid off.”
Now, as the nation waits for results to come in, U.S. officials and security experts are on alert for disinformation campaigns as well as cheap cyberattacks on websites reporting results. Neither category of activity would affect the integrity of the vote, but could be used to try to cast doubt on the results.
“The [potential] attack surface is shifting from the actual voting technology into a different set, and that includes election-night reporting,” the senior CISA official said on a Tuesday night briefing with reporters conducted on background.
The digital calm on election night followed moves by U.S. officials, two weeks earlier, to quickly attribute alleged Iranian and Russian cyber activity.
Alleged Iranian hackers conducted reconnaissance of election-related websites in 10 states, and in at least one case, compromised a voting registration database, U.S. officials said. For their part, suspected Russian government-linked hackers found their way into certain state or local IT networks, but that activity did not appear targeted at election infrastructure, according to officials. There was no evidence, in either case, of voter data being altered or the voting process being affected.
