CNET's Dan Patterson interviewed Cris Thomas (aka Space Rogue), global strategy lead at IBM X-Force Red, about steps that can be taken to shore up the American electoral system. The following is an edited transcript of the interview.
2018: Election Hacking is a weekly series from TechRepublic sibling sites, CBS News & CNET, about the cyber-threats and vulnerabilities of the 2018 midterm election.
Dan Patterson: Elections, we worry about them every two years and every four years. Cyberattacks are persistent. What do we anticipate? What do you anticipate in the next, say, 12, 18, 36 months?
Cris Thomas: Well, that's a good point, that we only worry about this every two or four years, and I mentioned in 2016 that we need to start talking about this on November 9th, 2016, and we kind of waited a year and a half before the topic came up again.
What do we anticipate in the next few months? I think we're going to see more news stories, more attempted attacks, more probing, more registration database compromises. The same things that we've seen in 2016, we're going to see again. We're going to see more of the influence campaigns. Those are the sorts of things that have worked in the past and are going to continue to be, plague us in the future.
SEE: Network security policy template (Tech Pro Research)
Dan Patterson: What would you suggest? How do we, how do we shore up our systems? How would Space Rogues secure the American electoral system?
Cris Thomas: Well, there's a bunch of steps that we can take. We definitely have to look at the machines and the computers themselves. They're riddled with very basic, simple vulnerabilities that would be easy to fix. We need to educate the poll workers and the people in charge of the elections to be on the lookout for possible attacks that can happen. These are the sorts of steps that we can take.
SEE: Cybersecurity and the 2018 Midterms (TechRepublic Flipboard magazine)
The system itself is already pretty resilient. It's just important for the American people to remember to trust that system and realize that there are checks and balances in place, and most importantly, everybody has to get out and vote.
- How Florida is bolstering election security after being targeted by Russian hackers (TechRepublic)
- Ohio taps college cybersecurity experts to audit election systems before 2018 midterms (TechRepublic)
- Hackers, trolls and the fight over your vote in the 2018 midterm elections (CNET)
- Defending against cyberwar: How the cybersecurity elite are working to prevent a digital apocalypse (free PDF) (TechRepublic)
- Did Russia's election hacking break international law? Even the experts aren't sure (ZDNet)
- Cheat sheet: How to become a cybersecurity pro (TechRepublic)
- Election security is a mess, and the cleanup won't arrive by the midterms (CNET)
Dan Patterson has nothing to disclose. He does not hold investments in the technology companies he covers.
Dan is a Senior Writer for TechRepublic. He covers cybersecurity and the intersection of technology, politics and government.