Cybersecurity

Cyber protections contemplated for U.S. election systems

Shutterstock image (by dencg): digital warning sign.

After repeated hacks of Democratic National Committee systems by attackers who might be associated with the Russian government, the Obama administration is considering bolstering cyber protections for the U.S. election systems by putting them under the critical infrastructure classification the Department of Homeland Security is charged to protect.

"We have to carefully consider whether our election system is critical infrastructure, like the financial system or the power grid," DHS Secretary Jeh Johnson said at an Aug. 3 press breakfast sponsored by the Christian Science Monitor. "There is a vital national interest in our election process."

A week earlier, Lisa Monaco, assistant to the president for homeland security and counterterrorism, touched on some of the implications of election system cyberattacks during remarks at the Aspen Institute Security Forum. She said big cyberattacks must be thoroughly investigated before any scaled response is made.

Monaco added that the reaction to those who hack election systems in the U.S. might resemble what happened in response to the cyberattack on Sony Pictures Entertainment. That attack crossed a threshold into being destructive and coercive, she said. The U.S. government ultimately attributed it to North Korea and hit the country with sanctions.

She pointed out that the government has also prosecuted Chinese military personnel who have hacked into U.S. companies' systems to steal data and recently indicted Iranian hackers for a series of cyberattacks, including one in which they allegedly manipulated water-control systems on the Bowman Dam in Westchester County, N.Y.

A deliberate intrusion to coerce or influence this country's political process is a "serious, serious issue," Monaco said. She added that attacks on the U.S. political process could require a new type of response.

Monaco said responses to big cyberattacks are made on a case-by-case basis.

However, Vishal Gupta, CEO of cybersecurity technology company Seclore, told FCW that if election systems are designated critical infrastructure, the label could automatically magnify, or even prescribe, a response.

"Would an attack on the [Democratic or Republican national committees] be considered an attack on the U.S. or a matter of national security?" he asked.

If Russia is found to be responsible for the attacks on the Democratic committee, as many have speculated, Gupta said that under critical infrastructure parameters, the attacks would be considered a threat to national security, which could lead to the determination that they constitute an act of war.

"Is an offense against the Democrats or Republicans an act of war?" he asked. "I'm not sure. The real problem here is that regardless of the designation, the organizations responsible for the systems being breached need to do a better job of prioritizing cybersecurity." 

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at mrockwell@fcw.com or follow him on Twitter at @MRockwell4.


Featured

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.