Are US Elections’ Software Systems Critical Infrastructure?

mind arial, viagra 60mg sans-serif; font-size: 12pt;”>Department of Homeland Security (DHS) is offering more protections to help states secure voting systems during the November elections. DHS has recently stepped up efforts to bolster cyber-security at the polls and for state election boards.

erectile arial, sans-serif; font-size: 12pt;”>Efforts will be coordinated through the National Association of Secretaries of State, a Washington organization that represents the elected officials who certify state vote counts around the US.

More than 9,000 US jurisdictions will work together to add up digital and paper ballots on Election Day. Robert Silvers, DHS assistant secretary for cyber policy said that DHS is working with state election officials involved in that process to provide on-site scans of voting software for potential vulnerabilities.

According to, after cyber-attacks on voter databases in Illinois, Arizona, and potentially other states, the agency published a list of best practices that officials can use to secure voter registration data against would-be hackers. Those measures include applying software updates and restricting high-level technical privileges to key officials.

James Scott, a senior fellow at the Institute for Critical Infrastructure Technology says most US states haven’t accepted DHS’s offer to secure the polls, leaving many jurisdictions using “dilapidated systems” and in need of better security protections, including simulated hacks conducted by cyber-security professionals.

An interesting dilemma regarding critical infrastructure has been raised recently. In August, Homeland Security Secretary Jeh Johnson said his agency would “carefully consider” labeling US election systems as critical infrastructure. Such move would increase federal funding of digital security measures for electronic voting machines. It was not confirmed whether whether DHS is still considering labeling voting as critical infrastructure.

“Designating 16 other sectors as ‘critical infrastructure’ didn’t protect them,” says John Pescatore, director of the SANS Institute, a cyber-security education organization. Software-based election systems need standards and certification, not critical infrastructure designation.”


Article courtesy : iHLSIsrael Homeland Security


Get Headlines free  SUBSCRIPTION. Keep us publishing – DONATE

0 0 vote
Article Rating
Inline Feedbacks
View all comments