Start your day with intelligence. Get The OODA Daily Pulse.
Informing your decisions with actionable intelligence
Start your day with intelligence. Get The OODA Daily Pulse.
Informing your decisions with actionable intelligence
CISA Director Jen Easterly participated in a keynote session at Black Hat USA 2024, along with international election experts Hans de Vries, COO, European Union Agency for Cybersecurity (ENISA), and Felicity Oswald, CEO, National Cyber Security Centre (NCSC) to “unpack how international leaders are approaching election security risks to the democratic processes.” Along with coverage of this keynote panel, we have compiled Director Easterly’s recent communications on the 2024 security threats and security and integrity strategies taken up by CISA and the USG in the run-up to the November 2024 Election in the U.S.
Contents of This Post
CISA Director Jen Easterly, NCSC CEO Felicity Oswald, and ENISA COO Hans de Vries discussed the challenges of protecting democracy.
2024 is the year for global democracy. The year when a record-breaking number of countries held national elections when more than two billion voters cast ballots to shape the future of their nation and the world. In the foreground of this monumental moment, emerging technologies and heightened global tensions confront the resilience of even the world’s longest-standing democracies. This session unpacked how key international leaders are approaching election security risks to the democratic processes – such as cyber threats, foreign malign influence, and the role of generative AI – and ensure that 2024 is no anomaly but an inflection point.
“2024 is set to be the biggest election year in the history of the modern world, with citizens in more than 60 countries heading to the ballot boxes this year..”
,,,that equates to more than half the world’s population voting, and it makes 2024 a pivotal year for proving that elections in the digital age can be done securely.
Easterly, EU Agency for Cybersecurity (ENISA) COO Hans de Vries and National Cyber Security Centre (NCSC) CEO Felicity Oswald took the stage for Black Hat’s opening keynote, and all agreed that their countries (or international blocs, in De Vries’ case) have managed to make their voting systems pretty resilient to outside threats. “I can say with confidence that election infrastructure has never been more secure,” Easterly claimed, and she had a ready explanation as to why: “the election stakeholder community has never been stronger,”…saying that there weren’t any material impacts on US election systems since Russia’s interference in 2016.
China has been the primary threat in the UK, where elections have already taken place this year, Oswald said. Beijing’s attempts to undermine UK election infrastructure in early 2024 were ultimately unsuccessful, and also gave the NCSC more ammunition to further fortify its positions. “We were laser focused on risks not just from Chinese, but from other state actors and malicious actors as well,” Oswald said. “We absolutely saw attempts to engage or disrupt our election, but … it was a very clearly a smooth process, people were able to vote securely on the day, which is a fantastic outcome.”
“Close collaboration between agencies like CISA, the NCSC and ENISA have been key to taking democratic nations from being surprised by Russian meddling to minimizing the impact, the trio agreed.”
De Vries, likewise, said elections in the EU also went off smoothly. “We did find attacks, even during the voting process,” he said. “I think the impact was little because we were prepared.” Of course, just because things have been good so far doesn’t mean elections are entirely in the clear. “We can’t be complacent, because the threat environment has never been so complex,” Easterly added, citing “Cyber threats, physical threats … foreign adversaries attempting to influence our elections, disinformation [and] malign influence operations” as continuing dangers to election security.
Russia is the predominant threat for much of the influence and disinformation efforts targeting US elections, Easterly said, and she argued Vladimir Putin’s administration is getting savvier with those sorts of campaigns, too. Moscow, according to the CISA chief, has taken to “using commercial companies like PR firms or marketing firms, or unwitting Americans, to hide their hand as they try and get out influence messaging.” That said, the world’s democracies have had several years to think about election security.
A pervasive hacking collective being tracked by U.S. intelligence agencies hasn’t been seen breaking into any election infrastructure,but visibility into the group’s activities still isn’t clear,
according to CISA Director Jen Easterly.
An hacking group tied to China’s central government that’s become infamous for burrowing into American critical infrastructure hasn’t been found infiltrating election systems, a top U.S. cyber official said Wednesday. The entity, dubbed Volt Typhoon by intelligence and national security officials, has shown no indications of being able to access core election infrastructure deemed essential for voting, said Jen Easterly, who leads the Cybersecurity and Infrastructure Security Agency in DHS.
“Not that we have seen,” Easterly said on a panel at the Black Hat cybersecurity conference in Las Vegas when asked about Volt Typhoon’s activity targeting election fabric like voter registration databases and voting machines. But any area where it’s been detected is only “the tip of the iceberg,” she added. “There’s so much that we don’t know, and this is a sophisticated actor. And so we have to assume they will be able to do things, and that’s why we need to prepare for it now,” she said, noting that the group has been found digitally spelunking into power, transportation, water and other sectors deemed critical to the functioning of the U.S. economy.
Volt Typhoon covertly hinges onto multiple networks of compromised equipment, including cameras and routers, that are used to form a data transfer network for the group to stage their infiltrations, officials said in May. Its operations were slowed down earlier this after an FBI-led operation sent U.S. cyber warriors into one of the hackers’ staging grounds, known as a botnet, and jettisoned them. But it was just one of several digital footholds. There’s “much we are not seeing” and U.S. companies need to build as much resilience into their networks as possible, Easterly later said in an on-site news conference with reporters. Volt Typhoon first sounded alarms in 2021 when the group was spotted by analysts burrowing into infrastructure environments that had no immediate intelligence value, contradicting past Chinese cyberespionage. The hackers have been using “living off the land techniques” that allow them to hide inside systems and bypass detection, U.S. reports say, noting that they have breached American facilities in Guam and other vital infrastructure in U.S. facilities both inside and outside the country. Their clandestine activities involve a tradecraft difficult to uncover because of the group’s reliance on stolen administrator credentials that allow them to more easily mask their exploits.
An election year warning comes from the top cybersecurity official in the nation, calling artificial intelligence a major “threat to democracy.” The Director of the Cybersecurity and Infrastructure Security Agency, Jen Easterly joined Andrea Mitchell to weigh in on the threat AI poses to election security following her recent column in Foreign Affairs Magazine. “Election officials have defended election infrastructure from cyber threats, from physical threats, from threats of foreign influence and disinformation, and have done it in a way where there is security and there is integrity in the elections process,” said Easterly. “I have confidence. …the American people should have confidence in the election process.”
Easterly released the following statement on Linkedin after her appearance at MSNBC:
Enjoyed talking with Andrea Mitchell on MSNBC yesterday about the intersection of elections and AI, and importantly, why the American people should have confidence in our elections processes due to the tireless efforts of state and local elections officials of both parties, charged with the responsibility to administer, manage, and secure our election infrastructure.
These officials ran secure elections in 2018, 2020, and 2022, with no evidence that malicious actors changed, altered, or deleted any votes that impacted the outcome of those elections. With respect to the 2020 Presidential election in particular, all states where the outcome was close had paper ballots which allowed recounts and audits to verify election results. The outcome of that election was validated time and again, including in multiple court challenges.
Since I took this job in 2021, I’ve had the privilege of spending time with state and local elections across the nation serving on the front lines of our democracy, seeing first hand how hard they work to ensure the secure and resilience of our election processes. But as Kansas Secretary of State Scott Schwab and I note in our article in Foreign Affairs on “AI’s Threat to Democracy” (https://lnkd.in/eJer43jz), these officials need support, especially because of the intense pressure they have faced since the 2020 election and the baseless allegations of voter fraud that followed it.
If anyone is unsure about the security of our election infrastructure, I urge you to serve as a poll worker or as an election observer and witness firsthand the multiple layers of controls–technological, physical, procedural–put in place to ensure that votes are counted as cast. Moreover, if you have any questions about how elections work, please talk to your state or local election official; they are the true subject matter experts in this area. “TrustedInfo2024” (https://lnkd.in/gi_-i2Na) on the website for the National Association of Secretaries of State (NASS) is a great reference.
Finally, if you read the recently declassified Intelligence Community report on the 2022 midterm elections (https://lnkd.in/eeqxTmSg), you saw that the aggregate scope and scale of foreign activity targeting the 2022 midterms exceeded what was detected in 2018, with a diverse and growing group of foreign actors engaging in operations to interfere with our elections, including Russia, China, and Iran. We cannot allow foreign adversaries to sow partisan discord and undermine confidence in our election processes. Elections are the golden thread that runs through the fabric of our democracy; it is up to all of us to keep that fabric strong.
July 2023
The Cybersecurity and Infrastructure Security Agency will set up a network of regional election security advisers in advance of the 2024 vote. Announced by Director Jen Easterly on Tuesday, the 10 advisers will support election officials working in their respective areas in an effort to “build even stronger connective tissue between state and local election officials and … CISA.” Here’s what you need to know:
#TrustedInfo2024 is NASS’s public education effort to promote election officials as the trusted sources of election information during the 2024 election cycle and beyond. The nation’s Secretaries of State, 40 of whom serve as their state’s Chief Election Official, along with other state and local election officials are continuously working to inform eligible Americans about voter registration, voting methods, security, post-election procedures, and much more. By driving voters directly to election officials’ websites, social media pages, and materials, they will be able to receive credible, timely information on each step of the elections process. Find your election official and other helpful information by visiting NASS’s nonpartisan website canivote.org.
Follow NASS on social media (Facebook, X and Instagram) to see real-time #TrustedInfo2024 updates from the association and our members. Also, NASS’s YouTube features videos from our #TrustedInfo2024 video contest held during the NASS 2024 Summer Conference, including the winning video from the Indiana Secretary of State’s Office.
For our News Briefs and Original Analysis research efforts to date on this topic, go to:
https://oodaloop.com/archive/2024/08/09/addressing-the-threat-of-political-violence-in-the-2024-elections/
https://oodaloop.com/archive/2024/01/17/elections-are-coming-time-to-sound-misinformations-clarion-call-again/
https://oodaloop.com/archive/2024/01/16/as-two-billion-people-go-to-the-polls-in-2024-foundational-llms-and-misinformation-are-the-perfect-storm/
https://oodaloop.com/archive/2023/06/07/the-origin-story-the-fsbs-turla-the-hunt-for-the-snake-malware-and-current-steps-for-prevention/
About the Author
Daniel Pereira is research director at OODA. He is a foresight strategist, creative technologist, and an information communication technology (ICT) and digital media researcher with 20+ years of experience directing public/private partnerships and strategic innovation initiatives.
Informing your decisions with actionable intelligence
Informing your decisions with actionable intelligence