The cry “The Russians are Coming!” has taken on new meaning as a result of increased cyber threats from Russian hackers. While corporate, financial, and federal networks have been targets for quite some time, multiple state government election databases were recently breached. First the infamous DNC hack, and now an investigation into the election database hacks of Illinois and Arizona.
According to eWeek, “The U.S. government is taking the threat seriously enough that Secretary of Homeland Security Jeh Johnson held a conference call with state election officials on Aug. 15 to discuss the need for increased security of election sites and to encourage state election officials to follow the recommendations of the National Institute of Standards and Technology and the Department of Justice in securing their systems.”
While the FBI investigates the incidents and the motives behind them, budget constrained state governments need to proactively address security gaps that can make them vulnerable.
What can be done to shore up security?
According to a study by the Institute for Critical Infrastructure Technology election systems lack adequate security:
“More often than not, electronic voting systems are nothing but bare-bone, decade old computer systems that lack even rudimentary endpoint security. As an exponential “security free” attack surface, compounded by the absence of cyber hygiene, black box technologies, and an expansive threat landscape, an adversary needs only to pick a target and exploit at will.”
State agencies need to get aggressive about security; patch systems, conduct penetration testing, control comprehensive physical access, and force manufacturers to build more secure voting systems. Given the flaws in security and hacks that we know about, they also need to start proactively looking for malware and compromises that may already be on their systems quietly siphoning data unbeknownst to them.
Fortunately there are tools that can help quickly assess the state of their systems and answer the crucial question “Are we hacked?” Infocyte HUNT does just this. It enables IT teams to proactively discover the presence of attackers, active or dormant, who have successfully evaded their organization’s defenses and established a beachhead within the network. Infocyte's unique, agentless threat hunting platform is designed to rapidly assess network endpoints for evidence of compromise without a forensics expert. Unlike many other tools, Infocyte HUNT has been designed to be easy to use by regular administrators and IT Security professionals without any special training - making it a smart investment for budget constrained states.
Cyber threats from Russia, state-sponsored crime and hacktivists are not going away, but states can employ technology that doesn’t allow them to persist undetected. Learn more about how threat hunting improves security.