Broadening Notification, Timely Mitigation of Threats Are Key Goals
The FBI has created a new policy to give “timely” breach notifications to state and local officials concerning election hacking and foreign interference.
The new election policy expands the FBI’s current method of notifying hacking victims. It will also require agents to work directly with state and local election officials to identify and mitigate cyberthreats to election infrastructure as quickly as possible, according to the FBI announcement.
The moves come in the wake of concerns from U.S. lawmakers and security experts about possible foreign interference and threats to the election infrastructure as the 2020 presidential election approaches (see: US Cybercom Considers Bold Election Security Moves: Report).
Until now, the FBI had only been directly notifying hacking victims. Under the new policy, agents must also warn state and local officials responsible for election security when they find election hacking. This is to correct previous issues when federal agencies notified some officials in Florida about hacking incidents related to the 2016 election, but the public and other lawmakers were left in the dark (see: 22 State Attorneys General Seek Election Security Help).
Under the new policy, the FBI will also work with the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency to notify state and local officials.
“Cyber intrusions affecting election infrastructure have the potential to cause significant negative impacts on the integrity of elections,” the FBI notes. “Understanding that mitigation of such incidents often hinges on timely notification, the FBI has established a new internal policy outlining how the FBI will notify state and local officials responsible for administering election infrastructure of cyber activity targeting their infrastructure.”
Threats to Local Governments
The FBI’s new policy will largely focus on local and state governments because the majority of the country’s election infrastructure is owned and operated at the local level, the report notes. A report in July from the U.S. Senate Intelligence Committee, which examined the 2016 election, found that Russian-sponsored hackers attempted to infiltrate the infrastructure of all 50 states in the run-up to that contest.
On Thursday, a senior FBI official told The Hill that the goal of the new policy is to notify election officials in person. Any delay in that notification process would have to be approved by the senior leadership of the bureau, the official said.
The threats that local and state governments face from hackers was on display this week when the FBI issued an alert that two unnamed U.S. municipalities had been breached in 2019 by nation-state hackers, according to ZDNet. In both cases, it appears that the attackers took advantage of vulnerabilities in Microsoft SharePoint to hack networks, although it’s not clear what data they may have been attempting to breach, according to the report.
Securing Election Infrastructure
The CEOs of the three largest voting machine manufacturers in the U.S. recently testified before a congressional committee that they would be open to greater federal oversight of their equipment to help ensure the security of voting data in upcoming elections (see: Voting Machine Firm CEOs Open to Greater Federal Oversight)
In November, the White House released new protocols for notifying the public of nation-state hacking or other interference during the 2020 presidential election cycle (see: Election Interference Notification Protocols Unveiled)
In addition, U.S. intelligence agencies recently met with security officials of major social media and technology firms to analyze ways to secure the 2020 elections, including facilitating better information sharing and coordination (see: Feds, Tech Giants Meet to Coordinate 2020 Election Security)