“What I worry about candidly is that government is creating a TSA for elections,” cybersecurity consultant John Dickson told StateScoop. “It’s the lack of creativity and original thinking that will create a default where the only thing we can do is spend money and do rote testing.”
Dickson said state and local officials should be on the lookout for attempts like distributed denial-of-service attacks that disable websites where election results are posted, or robocalls that give voters the wrong information about when and where to vote. Either sort of operation is capable of undermining confidence in the election, yet both are relatively easy to launch, he said.
“The thing I recommended [to states] that I don’t think anybody’s done is create a rapid-response cell where they have a multidisciplinary team,” he said. “This is not an IT problem, this is an information-sharing operation, and cyber’s one piece of it. That’s what I fear, that this is left to the techies.”
A major effort to disrupt the 2018 elections may not come at all, though, which could lull officials into a false sense of success. “The weird thing about this too is that theres a good chance the Russians will sit this one out and all these guys will take credit,” he said. “It wont be that they didn’t get nailed, it’ll be that nobody came after them.”