Black Hat 2018: 10 Execs On The Top Cybersecurity Threat America Faces Around The 2018 Midterm Elections


Insufficient Education For Election Administrators

The people tasked with deploying and overseeing the voting technologies on Election Day may not have access to the security or IT expertise to know where the risks really lie, according to Symantec Chief Technology Officer Hugh Thompson.

Thompson said poll workers can typically detect suspicious behavior in the physical world – such as a person stuffing multiple pieces of paper into a ballot box – by might not be savvy to how a bad actor could tamper with a memory card holding the results of a specific voting precinct, or what it might look like if that were happening.

The greatest potential for problems lies in the process element of technology, Thompson said, such as a municipality making the machine it uses to tabulate votes accessible to the general public in the days and weeks leading up to the election as an internet kiosk. Thompson said unauthorized access to the tabulating machine could result in it getting infected with malware that tampers with the process.