ICYMI: First Line of Defense in U.S. Elections Has Critical Weaknesses
Updated: Mar 14, 2022
In May of 2018, Bloomberg reported critical weaknesses in our state’s supposed first line of defense. The report noted that the Department of Homeland Security was working with state election officials to install “Albert sensors,” which are designed to bolster election security by detecting traffic coming into and out of a computer network. However, security experts warned of the limits of the sensors, including access using stolen passwords and the lack of encryption.
At the end of the day, the system cannot block a suspected attack.
Bob Stasio, a fellow at the Truman National Security Project and former chief of operations at the National Security Agency’s Cyber Operations Center, stated that to say that an Albert sensor “is the panacea, it’s the silver bullet, is completely misleading – it’s a misunderstanding of the reality of the situation.”
States decide where they want to affix the sensors – some use them to monitor the secretary of state’s office computer network, while others use them as sentinels for their voter registration database. One key advantage for cash-strapped states: the system is provided for FREE by the Center for Internet Security (CIS).
CIS builds these sensors from single-unit servers outfitted with open-source software that detects anomalous and malicious network activity. Like anti-virus software, the device mines “signatures” that could point to malicious actors, such as IP addresses, but it’s only as good as the signatures that officials feed into the sensor so that it knows what to look out for.
A second former DHS official said that unless intelligence agencies flag specific signatures to Homeland Security, the sensors won’t be very useful to states.
Essentially, the technology is antiquated and is the equivalent of a five-foot chain-link fence, as it doesn’t incorporate newer methods such as encryption to protect material in a network.
According to Bob Stasio, these sensors act like the guard at the entrance of a movie complex. The guard stands at the door keeping an eye out for someone with a gun in the crowd – just as the sensor looks for a hacker in network traffic. If someone sneaks in a gun under a coat undetected, there needs to be another guard – or sensor – in each theatre, representing what cyber analysts call the “endpoint” for network traffic. Intruders like the Russians and Chinese who meddled in both the 2016 and 2020 elections represent very advanced threats. These actors understand how to get past that first gate-guard that guards the main door.
Nebraska didn't deserve a supposed award for election innovation. Nebraska deserves a leader that will focus on the signal, not the noise.