Black Hat 2018: 10 Execs On The Top Cybersecurity Threat America Faces Around The 2018 Midterm Elections


Leak Of Voter Rolls

Given the low level of work required to impersonate a government employee at login, a bad actor could enter the system as a server administrator, obtain a large amount of voter information, and either release it online or use it for their own purposes, according to Ping Identity Senior Technical Architect Sarah Squire.

Squire said the leak of voter lists would be valuable to advertisers for targeting purposes since the voting data itself could provide more insight into who actually votes and where they likely shop or get their news.

Squire would love to see encryption at rest for voting data, Squire said, with the key needed to obtain access to the personally identifiable information (PII) stored in a different place than the information itself. In that scenario, Squire said that even if a bad actor were to gain access to voting data, they would be unable to decrypt it.