2020 Predictions: Election Security

This is our first annual roundup of expert predictions for the coming year. Here’s what leading industry figures have to say about election security in 2020.

• Election security mishaps will undermine the confidence of US voters. From compromised voting machines to fake news across the Internet and social media, US voters will call into question the reliability of today’s voting process. – Malwarebytes Labs

• Hostile governments are engaged in massive disinformation campaigns meant to cause instability in their adversaries. The United States is still feeling the effect such a campaign caused during the 2016 presidential election. The same tactics were used to disrupt elections in other countries. As we enter 2020, a U.S. Presidential election year, disinformation will be one of the biggest cybersecurity threats we face. Defending against this threat will require the analysis of millions of disparate communications to separate individual viewpoints from concerted efforts to confuse and disrupt, along with the means to disrupt or eliminate those disinformation campaigns. Disinformation campaigns can also create individuals sympathetic to foreign governments, which in turn can lead to cases as described in the first point, the radicalized insider. – Anthony Di Bello, Vice President, Strategic Development, OpenText

• 2020 Election Security Insecurity: Election security will be an open wound that can’t be healed in time for the 2020 election. There is still bad blood from the 2016 election which has created a social distrust of technology and there is not enough time to strengthen the integrity of the election system in such a way that the electorate can be confident in the outcome. This begs the question, will there be public faith and acceptance of the outcome of the 2020 election, and if not, what will happen? Public concern will serve as a springboard for the federal government as well as state/county election officials to enact real change and significant improvements to cybersecurity of election infrastructure before the 2024 election. – Christopher Kennedy, CISO and VP of Customer Success at AttackIQ

• Foreign meddling will occur in the 2020 presidential election. The Mueller Report found that Russians have and will continue to interfere in U.S. elections (which is backed by the Senate Intelligence Committee’s findings), while Twitter has already shut down thousands of Iranian-backed disinformation accounts. It has also been proven that voting machines contain security flaws from decades ago, but that we’ve run out of time to find and correct the bugs in these machines before the 2020 election. Due to foreign interference, the hacking of voter registration databases, and the exploitation of flaws in voting machines, there will be even more controversy and concern over the integrity of the 2020 election than there was in 2016. However, this widespread concern should serve as a catalyst for change moving forward – even if it’s too late to make these changes for 2020. There is simply too much at stake to neglect these issues indefinitely. Voters, legislators, and tech providers will need to come together to ensure greater cybersecurity throughout election processes – thereby strengthening the integrity of our democratic system. – Anurag Kahol, CTO and co-founder, Bitglass

• Next year we can expect to see a range of cyber attacks that will target the U.S. presidential election in much more sophisticated ways than the social media campaigns we experienced in 2016. Several nation states have vested interests in influencing or disrupting the 2020 election and we are ill-prepared to defend against such foreign intervention. – Srinivas Mukkamala, CEO of RiskSense 

• One of the things to keep in mind is that from a data management perspective, the U.S. presidential election isn’t a single data collection and processing exercise. It spans 50 different instances that are independently operated by different teams using different tools and security processes. As it turns out, a bad actor does not have to compromise all 50 election systems to influence or disrupt the election. The outcome of the election will be determined by results in a dozen or fewer swing states(6). I expect we’ll see significant phishing activity targeting the offices of the Secretary of State and other election officials in these battleground states starting in the spring. Their aim will be to establish undetected beachheads that can be exploited next fall. – Srinivas Mukkamala, CEO of RiskSense 

Photo by Element5 Digital from Pexels