With time running out before the midterm elections in November, many of the state and local election offices charged with running the polls are scrambling to secure their systems and protect them from cyberthreats.
Many of their efforts are supported or guided by the Department of Homeland Security. The agency is providing jurisdictions with cybersecurity assessments, live exercises and penetration testing, and is facilitating information sharing, among other things. States also have a collective $380 million fund from Congress that they can use for election security and other improvements.
Meanwhile, a number of technology companies have taken notice of the election security issue and are offering assistance to election-related entities. Some of the offerings are free, while others are discounted. Some of the companies, like DHS, focus on helping the state and local offices that run the country’s elections. Others are offering their services to political organizations, like campaigns and political action committees (PACs).
Below is a rundown of these private sector offerings. We’ll update this post if more companies announce election security deals.
With McAfee, state election offices can get a free 12-month license of its Skyhigh Security Cloud product. The product allows network administrators to monitor cloud services (such as Microsoft Azure, Amazon Web Services, Box and others) that are widely used by enterprises, including election offices. Such services could be used to host voter registration data or the infrastructure for results reporting websites, for example. If they take up the offer, officials will be able to use the product to audit their cloud systems, detect compromises and prevent the unauthorized sharing and storage of sensitive data.
Cylance is offering its consumer anti-virus product for free through the end of November. The company says the move is part of an effort to protect political campaigns and organizations from hacking attempts. However, any U.S. resident can take advantage of the offer for the Cylance Smart Antivirus product. The offer covers up to three devices. That probably won’t be able to protect an entire political organization, but could be of use to individual staffers. Recent incidents and research have highlighted political candidates’ vulnerability to phishing and other hacking attempts.
Cloudflare, a content delivery and website security provider, announced its Athenian Project late last year. The company offers free distributed denial of service (DDoS) protection and other security services to state and local government websites that deal with elections. That includes websites with information about polling places, voter registration sites and databases, and election results reporting sites. Such websites face a significant uptick in legitimate traffic during elections, and they can be at a greater risk of crashing, especially if malicious actors flood them with more traffic in a DDoS attack. It’s already happened to at least one county website during a primary and to two municipal campaigns. Cloudflare is also offering other forms of website security as part of the project, such as protection from defacement and getting HTTPS up and running.
Jigsaw, a subsidiary of Alphabet, is running “Project Shield,” which is similar to Cloudflare’s Athenian Project. The program offers certain organizations tools to protect themselves from DDoS attacks. Project Shield had previously been available for free to news and human rights organizations. Jigsaw started including election monitoring and political organizations, such as campaigns and political action committees, in May. The main way Project Shield differs from Cloudflare’s offering is the focus on political organizations rather than state and local governments.
Project Shield is part of a suite of tools that Google says people involved in elections can use to protect themselves from other digital attacks. The Advanced Protection Program adds additional security features to Google accounts belonging to people who are more prone to online threats because of the nature of their work — such as campaign staffers or journalists. And Perspective, another Jigsaw tool, aims to help online moderators identify abusive or toxic comments on forums where politics may be discussed.
State and local election offices can get free, crowdsourced penetration testing from bug bounty company Synack through its “Secure the Election” offering. The program reportedly came about after executives from Synack met with government officials to discuss how the private sector could contribute to election security efforts. If they sign up, election offices can have their voter registration databases and websites probed for vulnerabilities by white-hat hackers vetted by Synack. When researchers discover a flaw, Synack will notify relevant election officials, then disclose it to the vendor behind the system. Two states had engaged with Synack when the company announced the initiative in June.
Akamai, a content delivery company, is offering election offices its Enterprise Threat Protector service. The service provides domain name system (DNS) security, allowing Akamai to monitor the network an election-related website sits on for suspicious activity. That means preventing phishing links from doing harm when they’re clicked on, protecting sensitive data sitting on the offices’ servers and preventing ransomware from taking hold of a system, among other defenses. While Akamai says the offer is available to electoral bodies “at no cost to them,” it could end up costing something due to some fine print. Fast Company reported that Arizona is using Akamai’s services at a discounted rate.
State and local election offices can get Centrify’s identity management services at a discounted rate. The company’s “Secure the Vote” offering allows election offices to get a 12-month subscription with the first eight months free (a two-thirds discount). Centrify’s services include securing access to apps and devices so that only authorized employees can access them, using measures such as multi-factor authentication and only allowing access from certain endpoints.
Microsoft officially announced its “AccountGuard” program in August, at the same time it reported taking down websites set up by a Russian hacking group to spoof conservative U.S. think tanks and the U.S. Senate. AccountGuard is a free offering that gives certain organizations using Microsoft Office 365 — election campaigns, party committees, the vendors that serve them and some nonprofit organizations — an extra layer of protection on their accounts. Microsoft would provide them with threat detection, security guidance for best practices and exclusive previews of future security products. AccountGuard is part of Microsoft’s “Defending Democracy Program,” which the company announced in April as a broad initiative to assist in election security.
With phishing emails as a main vector in attacks on elections since 2016, Valimail is offering the election community its email anti-fraud service for free. The service helps an organization avoid having its domain spoofed by hackers looking to impersonate it. “Bad actors are trying to disrupt our elections and sow chaos in our democracy. They are targeting email because it is one of the weakest points in digital communications,” Valimail CEO Alexander García-Tobar said in a press release. Valimail is making its Valimail Enforce service free for Democratic or Republican campaigns for national or statewide office, as well as to state election offices and election system vendors. The offer is available through the midterm elections in November. Phishing emails have already been used to target campaigns in the upcoming election. In 2016, hackers sent emails posing as Florida voting machine company VR Systems in an effort to breach the computers of state election officials.
Facebook’s election security challenges can probably be sorted into two buckets: disinformation campaigns and account security. The social media giant announced a pilot program that would give members of political campaigns additional security tools to protect their accounts from hackers. The program will essentially give these users greater attention from Facebook, which can intervene in case suspicious activity is detected. The company says it will also help participants enable the platform’s top security features, like two-factor authentication.
If Facebook discovers targeting against a campaign member (or if a participant reports such activity), the company can “review and protect other accounts that are enrolled in our program and affiliated with that same campaign.” Facebook says the tools are available to federal and state candidates and their staffers as well as staffers on party committees. This goes for regular user accounts and pages. And Facebook says it will continue to share information with law enforcement and other companies as necessary.
As a social media company, Facebook is under the microscope when it comes to information warfare. On that front, Facebook has said that it has removed hundreds of pages and accounts tied to foreign influence campaigns.
Symantec is offering free anti-spoofing services to election offices and political campaigns. The company explained to CyberScoop that it will monitor the web for fake websites trying to impersonate the legitimate sites of organizations participating in its program. Symantec calls the AI-driven service Project Dolphin. Such websites might be set up by hackers to try to steal personal information or spread false information about elections. Hackers could, for example, try to steal login or donation information or direct voters to the wrong polling place. Earlier this year, Microsoft reported taking down websites spoofing conservative think tanks and the U.S. Senate, apparently set up by a Russian hacking group. Symantec says it will also provide free educational videos and best practices resources on a dedicated election security website.
Experts have consistently noted that DDoS attacks are low-hanging fruit and that the election community needs to protect against them in order to keep information available to the public. NETSCOUT Product Manager Mike McNerney told CyberScoop that’s what motivated the company to announce on Oct. 9 that it’s making its Arbor Cloud DDoS protection service free to certain federal and state offices and agencies. McNerney said NETSCOUT sees the offering as a public service and that it fits in with the company’s slogan of “Guardians of the Connected World.”
The company says its offering is backed by incident responders who would intervene should the cloud service detect anything suspicious. McNerney stressed that DDoS protection isn’t just about protecting the front end of an election-related website. He said NETSCOUT’s service is set up to protect underlying components, like voter registration databases and other infrastructure that attackers can target with a DDoS attack. NETSCOUT’s free service is coming out barely a month before the midterm elections, so it’s not clear how much engagement it will get. But McNerney said the company has had conversations with potential users prior to announcing.
1Password is offering free business accounts to people involved in elections, the company announced on Oct. 23. The offer is available to people “running for office, ensuring elections run fairly, or protecting people’s rights,” according to a blog post by COO Matt Davey. It’s not entirely clear what the last part means, but it could be similar to Cloudflare and Jigsaw’s offerings, which were available to journalistic and nonprofit organizations before the election space. Davey told CyberScoop the “promotion is judged on a case by case basis.” Password managers are becoming a mainstream way for people and organizations to secure personal credentials, which can be targeted by people looking to interfere in an election. Pricing for 1Password’s business accounts normally ranges from $3.99 to $7.99 per month, and potentially more for larger enterprises that need customer services.