CISA Describes Its Role as Security Facilitator
CISA Director Christopher Krebs (Source: Department of Homeland Security)
The U.S. Cybersecurity Infrastructure and Security Agency has released its cybersecurity plan for the run-up to the 2020 presidential election, outlining the agency’s role as a facilitator that will assist federal, state and local agencies in protecting critical election infrastructure.
CISA, a unit of the U.S. Department of Homeland Security, will focus on protecting the election infrastructure as well as the infrastructure used by campaigns and political parties; making sure voters are protected from disinformation campaigns; and issuing warnings and responses related to foreign influence and hacking.
The agency will help identify cyberthreats, share intelligence and assist in mitigating security issues that target government organizations as well as voters, according to the plan. It’s also planning public awareness campaigns that will discusses issues that include foreign disinformation campaigns and threats such as phishing attacks, the plan notes.
“We are working to make it harder for adversaries to compromise our systems and to enhance our resilience so that Americans know their votes will count – and will be counted correctly,” Christopher Krebs, director of CISA, notes in the plan. Krebs is slated to give a keynote address Feb. 25 at the RSA 2020 Conference in San Francisco, when he likely will further outline the agency’s cybersecurity plans for the presidential election.
Earlier this month, Krebs said at a Senate committee hearing that while CISA will help coordinate responses to election interference, most of the responsibility for securing the voting infrastructure falls to state and local agencies (see: States Press for Federal Resources to Fight Cyberthreats).
At that hearing, cybersecurity officials from Texas and Michigan testified that the federal government needs to do more to help their efforts at the state and local level.
On Feb. 6, the U.S. Government Accountability Office released a report about election security for 2020 calling for CISA and Homeland Security to do more to support local and state officials, including improving communications and providing more timely threat intelligence.
Four Areas of Focus
Under the voting security plan released by CISA, spells out its four areas of focus:
Election Infrastructure: CISA will provide state and local cybersecurity officials, along with private companies that provide voting machines and other equipment, with additional information about security threats, including details about possible disinformation and hacking by nation-state actors. In addition to helping local officials develop incident response and crisis communication plans, CISA plans to offer services, including vulnerability scanning, physical security assessments, remote penetration testing and phishing campaign assessments tools.
The Department of Homeland Security and the FBI have already announced a plan to provide more “timely” and in-person information for state and local officials concerning foreign interference and hacking (see: FBI Promises ‘Timely’ Election Breach Reports for Officials).
Campaigns and Political Infrastructure: CISA plans to coordinate with national and local political campaigns to provide them with more information about threats that might be targeting their infrastructure and data. This includes conducting voluntary security assessments, briefing staffers and working with private firms to ensure best practices are followed by campaigns. In addition, CISA will offer services that can check the networks and IT infrastructure used by political campaigns for vulnerabilities and determine if any data has been compromised.
During the January Democratic presidential caucuses in Iowa, a smartphone app failed to properly calculate votes due to a coding error (see: Report: Iowa Caucus App Vulnerable to Hacking).
American Electorate: In a nod to the role that disinformation played in the run-up to the 2016 election, CISA will focus on providing election officials and the public with information concerning foreign influence campaigns.
At a January Congressional hearing on threats from Iran, security experts noted that disinformation campaigns remain one of the biggest election interference threats (see: Congress Hears Warnings of Iranian Cyberthreats). As part of its efforts, CISA plans to act like a “switchboard for routing disinformation” to state and local election officials to help them identify which social media platforms these campaigns are using so that these agencies can better inform the public.
Warnings and Responses: CISA plans to partner with security experts to better understand the threats to the voting infrastructure and provide warnings to government agencies on ways to mitigate those threats as well as coordinate responses.
Meanwhile, federal lawmakers have introduced legislation designed to enhance election security.
In January, a bipartisan group of U.S. senators introduced the “Cybersecurity State Coordinator Act of 2020,” which would direct CISA to appoint employees of the agency who would serve as cybersecurity state coordinators in every state (see: Bill Would Create State Cybersecurity Leader Positions)