Cybersecurity in the U.S. 2022 Midterm Elections

It is stating the obvious to say that free and fair elections are the most critical foundation of a healthy democracy. With the U.S. midterm vote just around the corner, many are wondering if we should be doing more to protect our voting infrastructure. As with any critical infrastructure, there are always risks that must be assessed and addressed in order to avoid unwanted challenges posed by nefarious threat actors.

We have addressed some of these risks in the past, as you can see from our 2020 blog “Keeping Elections Safe from Cyberattack.” One day after that blog went live, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) published “Election Infrastructure Cyber Risk Assessment.” CISA’s assessment, categorized as a “critical infrastructure security note,” is comprehensive and thoughtful in considering all potential threats and consequences. It remains just as relevant today as it was two years ago.

Security Issues Top of Mind—Again
Fast forward to November 2022, and it’s no surprise that these issues are top of mind again during this election season. On October 31 of this year, Tim Starks’ Cybersecurity 202 in the Washington Post tackled the issues in his analysis “For cyber experts, disinformation overshadows cyberthreats in midterms.” Over the preceding weekend, CISA Director Jen Easterly appeared on CBS “Face the Nation” to discuss cyberthreats to our upcoming elections. Here are the opening remarks from Easterly’s discussion with CBS moderator Margaret Brennan:

Margaret Brennan: I want to ask you about this bulletin first off. It warns domestic violent extremists may view election-related infrastructure personnel and voters as attractive targets. Are you aware of immediate and credible threats?

Jen Easterly: No. Let me be very clear at the top. We have no information about specific or credible threats to disrupt or compromise election infrastructure. I want that to be very clear. We are putting out information, like the warnings that you mentioned, to make sure that state and local election officials have the information that they need to protect their voting systems and their election infrastructure. 

Preparation, Vigilance, and Visibility
To be sure, it is always important to be prepared for the worst-case scenarios. This is especially true when considering such a massively distributed and complex system as the U.S. election infrastructure. As we showed on our 2020 blog on the topic, there are certainly ways in which attacks against internet infrastructure can have an impact on elections—such as DNS attacks targeting voter registration systems and the 2018 attack that took the Knox County Election Commission site displaying results of the county mayoral primary offline. 

Although we need not fear for our election integrity today, we must remain ever vigilant when it comes to cybersecurity and, more specifically, distributed denial-of-service (DDoS) attacks. As highlighted in our latest DDoS Threat Intelligence Report, DDoS attacks are closely tied to geopolitical events—elections notwithstanding. Due to the ease of launching a DDoS attack via do-it-yourself and inexpensive DDoS-for-hire services, anyone can launch a DDoS attack against a political opponent’s website, voter registration sites, or other infrastructure. In which case, network administrators will follow recommended best practices by planning and establishing a DDoS mitigation strategy. NETSCOUT recommends the following:

• Assess your network infrastructure DDoS attack landscape.
• Create and implement a plan for emergency mitigation of a DDoS attack.
• Establish and maintain effective partnerships with your upstream network service providers and know what assistance they can provide in the event of a DDoS attack.
• Consider establishing relationships with companies that offer DDoS mitigation services, including managing your DDoS strategy as a service.

The bottom line is that network administrators and security professionals responsible for the security of election infrastructure need to be focused on potential technology disruptions.

Find out more about NETSCOUT’s Arbor DDoS attack protection solutions.