The US general election is just around the corner and election security has become one of the hottest topics. COVID-19 is showing no signs of slowing down, especially in the US. Growing numbers of COVID-19 infections might force people to stay away from general elections. This has forced many states to adopt mail-in voting to keep their citizens safe from coronavirus. In fact, more than 400,000 New York City voters used mail-in method to cast their vote in the primary election due to COVID-19, which was five times higher than the general election of 2008.

Many states are thinking about offering traditional voting options alongside mail in to reduce the load from mail-in systems. Unfortunately, local and state election officials are not on the same page. They argue that they do not have enough resources to offer both options. This has created confusion and puts election security experts in flux as they face the challenge of securing different types of voting.

Then there is a risk of cyberattacks from external threat actors, which can derail elections in the US and could even influence results. Director of National Counterintelligence and Security Center, William Evanina said, “Our adversaries also seek to compromise our election infrastructure, and we continue to monitor malicious cyber actors trying to gain access to US state and federal networks, including those responsible for managing elections.” He further adds, “These threat actors are also targeting candidates, political campaigns and other political targets.”

How can you prevent election results from being influenced by external threat actors in such a situation? That is exactly what you will learn after reading this article. In this article, you will learn about four effective ways you can use to beef up election security.

4 Ways To Improve Election Security

Here are four ways to boost election security.

1. Upgrade Voting Machines and Election Infrastructure
2. Provide Cybersecurity to Election Staff
3. Have a Contingency Plan
4. Conduct Post Election Audits

1. Upgrade Voting Machines and Election Infrastructure

State-sponsored cyber attackers will target voting machines and will inject malware to change election results. The best way to overcome this threat is to replace voting machines with systems, which have voter-verified evidence of every vote. Many states are planning to replace these machines, but it is estimated that more than 16 million Americans will cast their vote through paperless systems in this year’s general election.

Another election security issue with these voting machines is their age. Most voting machines are outdated and just like legacy systems, can increase the security risk. Additionally, the older a machine gets, the harder it is to keep it maintained and the more likely is it to fail. Even if you replace some of their parts, you will not be able to patch vulnerabilities. That is why it is important to replace older voting machines with newer ones. Unfortunately, not every state has enough election funding to replace their machines before the 2020 general elections.

Voter registration databases could also come under attack as they are usually used to determine who can vote where. An attack on the voter registration database can prevent a huge number of voters from casting their votes. That is why it is important to secure the data stored in databases, data centers, and best dedicated servers. Unfortunately, most voter registration systems were designed more than a decade ago, which means that it is not capable of handling the latest cybersecurity threats that are targeting critical election infrastructure.

2. Provide Cybersecurity Training to Election Staff

Due to the decentralized election system, elections in the United States are usually managed at a local level. This can both be a good thing and a bad thing. With more than 8000 election offices, cybercriminals have more potential targets to hit. Meanwhile, the decentralized nature means that hackers can not target a central point and bring the entire system down to its knees.

Many states have invited the Department of Homeland Security to conduct scans to evaluate the security of election systems. Unfortunately, this will not be enough to prevent cyber-attacks. Data shows that ten states don’t provide cybersecurity training to election officials. States and counties need to invest in cybersecurity training of local staff who will manage general elections. Increase their cybersecurity awareness so they can quickly identify suspicious behavior and report it to concerned authorities so vulnerabilities can be patched quickly.

3. Have a Contingency Plan

There is no denying that you should first try to prevent attacks, but what if cybercriminals manage to hack into election systems despite all your efforts? It is important for states to have a contingency plan ready in case something goes wrong. This will help them to respond to such attacks and minimize the damage effectively.

Before creating a contingency plan, it is critical to understand the type of attacks that could target critical election infrastructure.

• Election website hacking
• Attacks targeting electronic books and election registration systems
• Cyberattacks targeting vendors who program voting machines
• Attempts to compromise election reporting systems

Election staff should ensure that they have enough paper ballots to cover up for machine failures. Instead of creating a single election website or election reporting system, you should opt for multiple websites, so if one goes down, election results can still be available on other websites.

4. Conduct Post Election Audits

Last but certainly not least is the post-election audits. These are audits conducted after elections that match paper ballots with the electronic total from voting machines. With a vast majority of Americans casting their vote through paper-based systems and 42 states maintaining paper records for every vote, it is important to ensure that these paper records match with digital tallies.

According to statistics, 33 states have poor post-election audit procedures and 18 states do not require post-election audits to certify results. This paints a bleak picture, but it can be improved by conducting risk-limiting audits. Risk limiting audits leverages statistical modeling to identify potential inaccuracies in election results.

Yes, these audits may not guarantee protection against attacks targeting voting machines, but at least these audits can help you identify such attacks and use paper ballots to clearly represent voter’s choices. More importantly, post-election audits go a long way in increasing trust and confidence in the integrity of elections.

Which is the best way to secure elections, in your opinion? Let us know in the comments section below.