In early November millions of Americans will head to the polls to decide the next president of the United States. Electronic voting systems and polling locations play a crucial role in the election process, so ensuring they are secure is critical to not only making sure every vote is counted correctly, but that those votes are safe from potential threats.
Election security will be exceptionally important as Russian-backed influence operations seek to launch mis- or disinformation operations that would tear down both trust and election infrastructure, according to a report released earlier this year by CrowdStrike.
MSSPs, MSPs, and other cybersecurity providers are able to help maintain election security through stopping the spread of misinformation, securing varied attack vectors, or protecting candidates from attacks on their websites and other forms of campaign communications. The Center for Internet Security (CIS) wants to ensure that election officials are prepared for various risks, too.
How MSSPs and MSPs can help protect elections
Firewall provider, SonicWall, serves organizations from small- and medium-sized businesses to federal organizations. Executive Director of Threat Research at SonicWall Douglas McKee spoke to Channel Insider about its recent threat brief that focused exclusively on governments.
According to the report, there was a 236 percent year-over-year increase in malware-related attacks against government organizations globally during the first quarter of 2024, coinciding with a notable 27 percent increase in attacks in the month leading up to the upcoming election.
“One of the things I would highlight in this report is that attackers are going to attack the weakest link,” McKee said. “And if the government has put a lot of time and effort into securing things like the voting machines– which I have no reason to believe they haven’t– then they’re going to find something else that’s easier to attack. Things like IP cameras or the polling locations could provide them a vector that may need to be considered as part of the complete election security package.”
This is where MSPs and MSSPs can assist with services to help protect more potential threat vectors. Protecting voting machines from cyber intrusions is incredibly important, but when threat actors can’t work their way into those systems, they will try other avenues and potentially utilize AI to do so.
“When it comes to new attack vectors, AI is very good at analyzing extremely large data sets,” said McKee. “So what it does do is it provides attackers a way to potentially find weaknesses or find trends in large quantities of data that they potentially may not have seen before.”
This capability elevates threat actors’ ability to leverage new attack surfaces from both an election standpoint and non-election standpoint.
SonicWall is urging government organizations to prioritize cybersecurity through strengthening their defenses against malware and DDoS attacks as the election approaches. To do this, they need the assistance of advanced security solutions and enhanced awareness of IoT vulnerabilities to safeguard their operations against escalating threats.
MSPs and MSSPs can be essential to maintaining or restoring election security. More and more are getting into the election security business and there are plenty of opportunities ahead for MSSPs and MSPs to play a role in protecting democracy.
Several service providers and vendors understand the great responsibility it is to protect the United States’ government functions. Cybersecurity giant Fortinet has used its security expertise to assist state and local governments with defending against cyberthreats and protect their networks, data, and critical infrastructure. Through its State & Local Government practice, Fortinent provides election services and a variety of safe and secure election resources and best practices.
Fortinet’s Security Fabric enables governments to secure all attack surfaces through the convergence of networking and security tools “into a single platform for tighter integrations, increased automation, and faster response to attacks.”
CrowdStrike is another big contributor to election security posture through its Cybersecurity & Election Security Resource Center that is available to voting districts. This center is a repository of knowledge, programs, and resources that help strengthen the security posture of elections entities and campaigns.
“MSSPs, MDR (managed detection and response) providers in particular, will play a crucial part in ensuring the integrity of elections by providing services and knowledge to protect organizations conducting elections from cyberattacks and other potential exploits,” said Arctic Wolf CISO Adam Marrè, in a conversation with MSSP Alert. “The threats to elections are very real, with nearly half of respondents in a recent survey anticipating an increase in cyber incidents during this election season.”
Preparing for the election with CIS
The CIS wants to prepare election officials for the presidential election through the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC). This center provides elections officials with a cybersecurity checklist of reminders to help election officials be cyber ready as they implement a variety of policies, procedures, and checklists.
Among the recommendations and reminders from the EI-ISAC include:
- Ensure you have a defense-in-depth strategy in place. Implementing layers of protection strengthens an organization’s cyber posture and there are solutions available to election offices at no-cost through the EI-ISAC:
- Endpoint Detection and Response (EDR) provides device-level protection by blocking malicious activity and preventing an attack.
- Malicious Domain Blocking and Reporting (MDBR) can enhance web security posture by preventing IT systems from connecting to bad domains.
- Vulnerability Disclosure Program (VDP) ensures that public-facing systems are secure and is a process that receives, validates, and communicates vulnerabilities discovered by ethical security researchers on public-facing sites.
- Establish your organization as a trusted source by educating voters, candidates, the media, and the public on what they need to know about the creation and dissemination of misinformation and deepfakes.
- Meet and establish a good relationship with local law enforcement and let them know when all elections will be held and which polling locations will be used.
- Review The Essential Guide to Election Security developed by CIS as a one-stop resource for election security best practices.
- Prepare for Election Day disruptions which may include everything from swatting to bomb threats. CIS provides a “Prepare for Election Day Disruptions” section of its Essential Guide, which should be reviewed.
- Reach out to the Cybersecurity and Infrastructure Security Agency’s (CISA) National Cyber Exercise Program to schedule a tabletop exercise (TTX) that you can host or participate in for your jurisdiction.
- Be sure to properly vet any new hires, including temporary workers, poll workers, and volunteers, to prevent insider threats and limit access to only what is necessary for individuals to do their job.
- Manage your online presence by avoiding posting personal or sensitive information and exercise caution with whom you connect.
- Visit CISA’s #Protect2024 website for more resources that CISA has available to support election officials.
CIS Controls are practical and highly effective for MSPs to manage cybersecurity for multiple clients. Discover more about why MSPs should adopt CIS Controls in 2025 to improve client protection against evolving threats.