SAN ANTONIO–(BUSINESS WIRE)–As the mid-term elections draw near, Denim Group continues outreach and advising of state and local officials, helping them outline the steps they should take to defend against a sophisticated nation-state threat. While states have been given federal funding to help them secure their election infrastructures, many systems remain susceptible to nation-state interference. The conventional wisdom of election security involves a focus on securing voting machines and the use of paper ballots. Denim Group recommends an approach where states must transition their efforts on securing voter registration databases and websites that report election results – which are likely more attractive targets to a nation-state than voting machines.
Denim Group assists state and local voting administrators to identify the most vulnerable and susceptible holes in state’s election security infrastructures in order to combat the threat of influence on the election outcomes. In order to do so, they assess security from the lens of the attacker and outline a structured approach to analyzing applications that identifies, measures, and addresses the possibility of an attack on the state’s infrastructure, the potential impacts, and ease of exploitation. Denim Group identifies the most critical vulnerabilities that put states at risk by conducting vulnerability testing of known “static” voting resources, providing rigorous training to election staff in identifying social engineering attempts, administering anti-phishing training for key election officials, conducting 2-factor authentication, and reviewing and reporting entry point susceptibility to Distributed Denial of Service (DDoS) attacks.
“The hacking surrounding the 2016 presidential election will likely occur again,” said John Dickson, Principal at Denim Group. “That was not an isolated incident and outside influencers will continue to try and undermine our democracy. Cybersecurity training and asset vulnerability testing must become priorities in order to create a more secure voting and reporting environment.”
Aside from securing election systems, Denim Group is also advising election administrators to formalize relations with local press in order to identify disinformation in the media. Social spheres of influence have grown exponentially over the past decade, and with the combined use of social engineering, disinformation, and espionage, nation-states present the threat of false propaganda. By openly communicating with the media, Denim Group believes that states can avoid the misconception of an attack allowing them to safeguard voters trust in the U.S. election infrastructure.
For more information on what Denim Group is doing to help state officials secure their voting systems, please visit Denim Group’s Election Security Center.
About Denim Group
Denim Group is the leading independent application security firm, serving as a trusted advisor to customers on matters of application risk and security. The company helps organizations assess and mitigate application security risk. Denim Group’s flagship ThreadFix platform accelerates the process of application vulnerability remediation, reflecting the company’s rich understanding of what it takes to fix application vulnerabilities faster.