The Voting Ecosystem
The United States voting system is not made up of just voting machines.
What do I mean by this?
Electronic systems, including the voting machines are tied into a much larger infrastructure, that includes operating systems and applications, that run on many different hardware components, that communicate to even a much larger system, that hosts the data, on databases, that run on additional hardware components and additional operating systems and software applications.
Gaining access to any of these components would not necessarily be difficult, extracting data would be difficult but doable, altering data in any part of this process would be extremely difficult.
Why do I say this?
When we study cybersecurity breaches, we often find that the cyber attacker spent an enormous amount of dwell time. Dwell time is the length of time the cyber attacker first breached the account and remains in the account until they are eradicated. Dwell Time is measured in days and it is measured by adding Mean Time to Detect, MTTD, plus Mean Time to Repair, MTTR. These are common terms in cybersecurity. If we examine any of the top breaches, we would find the dwell time to be over a hundred days.
Thus, cybersecurity attacks in our voting ecosystem would be extremely difficult because the cyber attacker would first have to find the vulnerability to hack. Once the vulnerability was found, and access was gained, they would need to understand how to move throughout the entire system, undetected. And let’s say the cyber attacker has gone undetected, the next step would be the designer malware, that may or may not work, but usually requires days to install and gather the targeted information. The cyber attacker would also need admin rights to the entire system, which means not just the operating system, but also the application, the network, and the database.
I have read a few articles that stated that the data concerning the recent election was altered. Again, this would be very difficult because databases have referential integrity, and admin access would be needed in order to change any data.
What is referential integrity in databases?
Referential integrity is the accuracy of the data across multiple tables. The tables will include a primary key and a foreign key. A foreign key always needs to reference a valid primary key in a parent table or it can be orphaned, because values in a primary table were changed.
While our voting ecosystem was not physically compromised, it certainly has been undermined by the disinformation campaign, which in turn has actually compromised our voting ecosystem, in a way that undercuts our entire democracy.
If I was looking at this as a hacker, I would say, that I have succeeded in undermining one of the first democracies. I studied the target, I was able to gain access through social media, so I successfully phished my target, which was millions of voters in the United States, I dropped my designer malware, and have altered the outcome of the election, and have gone undetected, because I have not been eradicated from your system as of yet.
While there may be other questionable elements involved in this election, the voting ecosystem is not one of the culprits. Stay safely Connected.
