Strong IoT Security Has Become Necessary to Protect Elections
Most discussions of election security from a technology perspective focus on securing voter databases and ensuring that voting machines remain free from compromise. These are vital areas of focus, but the discussion often ignores the impact the Internet of Things (IoT) can have on protecting elections from interference.
IoT devices are used in several different contexts that can have an impact on election security. These include building access control systems that ensure only approved people can access election-counting areas or work with specific machines, connected security cameras for monitoring equipment storage and other facilities, and HVAC systems.
As connected devices have become more common in more settings, protecting the types of equipment common in election facilities is increasingly vital. This is in addition to other election security concerns around technologies like voting machines and ballot counters.
Why IoT Security Matters to Elections
The Internet of Things has spread like wildfire in the past decade. Between security cameras, access control systems, thermostats, HVAC, and building management technologies, the number and type of connected devices used in day-to-day life continues to increase.
For election officials, these systems ensure that they can perform their critical work protected from physical threats. Access control systems defend against unauthorized entry when deployed correctly, HVAC ensures internal climate is controlled and ballot integrity preserved, and security cameras monitor for any physical threats against ballot counting equipment or voting machines.
Voting machines themselves are often not connected to the Internet. Other immediate security measures also help ensure that ballots are accurately counted, such as requiring voters to fill out paper ballots that are then fed into a counting machine. Keeping voting and tabulation machines disconnected from the internet can be key to ensuring voting results remain secure.
Each additional device deployed within an election facility, however, adds to the digital attack surface. Threat actors can compromise any IoT device with poor security to facilitate lateral movement into databases. They can then exfiltrate voter data and potential results information for malicious use.
Securing connected equipment is thus a key step toward ensuring election security. Ignoring IoT security creates too much risk for the average local government office charged with managing the election process.
IoT Security Best Practices
Thankfully, the core IoT devices in voting—voting machines—are typically not connected to any network, let alone the Internet. They offer paper trails and sometimes one-way network connections, so they can only send information. As such, they are atypical IoT devices. Active and passive means to protect them are not applicable in most cases.
So for elections, core IoT security best practices apply to protecting voting facilities and their availability. That includes the HVAC, building management, and other potentially hackable systems that enable voting to happen.
Ideally, election officials will be able to:
- Create an inventory of all IoT devices that could affect voting
- Patch any known vulnerabilities in connected equipment
- Monitor for configuration changes
- Implement anomalous behavior monitoring
- Address third-party risk
Create an Inventory of All IoT Devices
One of the biggest issues with IoT devices is that they are very easy to bring into an environment without IT teams knowing about them. Connected equipment like smart TVs, smart speakers, and more can connect to the internet quickly. Understanding which devices have connected to the election facility’s network helps security teams know what exposure risk they have. Part of this inventory should also include mapping the network to understand how IoT devices interact with each other and the rest of the network.
Patch or Mitigate Any Known Vulnerabilities In Connected Equipment
As part of creating the IoT inventory, security teams typically need to identify any known vulnerabilities within those devices. Patching those vulnerabilities will reduce the risk of any connected equipment being used as part of an attack chain. Election officials would do well to ensure their security teams patch known issues in connected equipment.
Monitor For Configuration Changes
IoT devices often suffer from configuration drift, which occurs when updates or changes are made to connected equipment without them being documented. These configuration shifts can result in errors that make IoT systems more vulnerable. Ensuring that IoT device configurations are managed and reverted to the most secure state can reduce the risk of compromise. Security teams can do this by snapshotting a known good state and referring to it as part of resolving configuration issues.
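The snapshot-and-compare approach described above, as an added example that is not part of the original article or any vendor's product. The device settings, key names, and values are constructed for illustration.

```python
import hashlib
import json

def fingerprint(config: dict) -> str:
    """Stable SHA-256 over canonical JSON, so key order does not matter."""
    canonical = json.dumps(config, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

def flatten(config: dict, prefix: str = "") -> dict:
    """Flatten nested settings to dotted paths, e.g. {'ntp': {'server': x}} -> {'ntp.server': x}."""
    flat = {}
    for key, value in config.items():
        path = f"{prefix}.{key}" if prefix else key
        if isinstance(value, dict) and value:
            flat.update(flatten(value, path))
        else:
            flat[path] = value  # leaf value (or an empty section, kept as-is)
    return flat

def detect_drift(known_good: dict, current: dict) -> list:
    """Return (path, kind, expected, actual) tuples sorted by path; empty means no drift."""
    if fingerprint(known_good) == fingerprint(current):
        return []  # cheap check first: identical snapshots need no field-level diff
    good, now = flatten(known_good), flatten(current)
    findings = []
    for path in sorted(good.keys() | now.keys()):
        if path not in now:
            findings.append((path, "removed", good[path], None))
        elif path not in good:
            findings.append((path, "added", None, now[path]))
        elif good[path] != now[path]:
            findings.append((path, "changed", good[path], now[path]))
    return findings

# Constructed sample: a door controller's known-good snapshot and its state
# after an undocumented change re-enabled Telnet and turned on UPnP.
KNOWN_GOOD = {"firmware": "2.4.1", "telnet": {"enabled": False},
              "admin": {"default_password": False}, "ntp": {"server": "10.0.0.5"}}
CURRENT = {"firmware": "2.4.1", "telnet": {"enabled": True},
           "admin": {"default_password": False}, "ntp": {"server": "10.0.0.5"},
           "upnp": {"enabled": True}}

if __name__ == "__main__":
    for path, kind, expected, actual in detect_drift(KNOWN_GOOD, CURRENT):
        print(f"DRIFT {kind:8} {path}: expected={expected!r} actual={actual!r}")
```

Each finding names the setting to revert, which is what makes the stored snapshot usable for restoring the device to its secure state.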
Implement Anomalous Behavior Monitoring
Monitoring for anomalous device behavior can help security teams track potential attacks in progress. Traditional security tools may fail to collect and analyze the forensic data that IoT devices generate, making it difficult to find out how threat actors use a compromised device after obtaining access.
Anomalous behavior monitoring gives organizations visibility into normal device activity so they can identify potential issues in how devices are communicating. For example, an organization may find that an IoT device connects to a server outside its geographic region to receive firmware updates. Knowing this baseline lets the organization identify abnormal connections to locations that might be an attacker’s command and control (C2) server, as when attackers try to use IoT devices as part of a larger botnet.
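A sketch of the baseline idea above, which also covers the inventory step: learn each device's normal destinations, then flag new destinations and devices that were never inventoried. This is an added example, not code from the article or any product. The flow-record format, device names, and addresses (documentation ranges) are constructed.

```python
from collections import defaultdict

def parse_flow(line: str) -> dict:
    """Parse one constructed flow record: '<time> <device> <dst_ip> <dst_port> <bytes>'."""
    ts, device, dst, port, nbytes = line.split()
    return {"ts": ts, "device": device, "dst": dst,
            "port": int(port), "bytes": int(nbytes)}

def build_baseline(lines) -> dict:
    """Learn, per device, the (destination, port) pairs seen during normal operation."""
    baseline = defaultdict(set)
    for line in lines:
        flow = parse_flow(line)
        baseline[flow["device"]].add((flow["dst"], flow["port"]))
    return dict(baseline)

def find_anomalies(baseline: dict, lines) -> list:
    """Return (ts, device, reason) for flows that deviate from the learned baseline."""
    alerts = []
    for line in lines:
        flow = parse_flow(line)
        known = baseline.get(flow["device"])
        if known is None:
            # Traffic from a device that never appeared in the inventory period
            alerts.append((flow["ts"], flow["device"], "device not in inventory"))
        elif (flow["dst"], flow["port"]) not in known:
            reason = f"new destination {flow['dst']}:{flow['port']}"
            alerts.append((flow["ts"], flow["device"], reason))
    return alerts

# Constructed learning-period records: HVAC firmware server, camera recorder, door server.
BASELINE_LOG = [
    "2024-10-01T08:00:00Z hvac-01 198.51.100.10 443 5120",
    "2024-10-01T08:05:00Z cam-02 192.0.2.20 554 880000",
    "2024-10-01T08:06:00Z door-03 192.0.2.30 8443 2048",
]
# Constructed later observations: one normal flow, one new destination, one unknown device.
OBSERVED_LOG = [
    "2024-11-05T07:00:00Z hvac-01 198.51.100.10 443 5200",
    "2024-11-05T07:02:00Z cam-02 203.0.113.50 6667 300",
    "2024-11-05T07:03:00Z smart-tv-09 203.0.113.80 443 90000",
]

if __name__ == "__main__":
    for ts, device, reason in find_anomalies(build_baseline(BASELINE_LOG), OBSERVED_LOG):
        print(f"ALERT {ts} {device}: {reason}")
```

The HVAC unit's connection to its usual firmware server raises no alert because it is part of the learned baseline.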
Address Third-Party Risk
All IoT devices are managed in some way by external vendors. If possible, the security policies of connected device manufacturers need to be considered when new devices are added to the network. Election officials should examine the security policies of building access system vendors as well as connected HVAC systems to ensure that major connected equipment does not add undue risk.
How Asimily Secures IoT Devices
Election officials need to take steps to secure their work against cyber attacks and ensure they can perform this vital function of democracy. In an age where digital threats evolve rapidly, safeguarding sensitive data and critical infrastructure is key to maintaining trust in the electoral process. As the number of connected devices increases each year, so do the entry points for bad actors looking to compromise election facilities.
Asimily offers a comprehensive platform purpose-built for the challenges of securing critical functions like electoral facilities and the security systems protecting voting machines. By protecting IoT and OT devices, which cannot be secured through standard methods, Asimily helps reduce the attack surface of election facilities and other public sector organizations.
The Asimily platform is designed specifically for IoT device security. Asimily’s inventory and vulnerability detection capabilities monitor traffic to and from IoT equipment to track behavior and understand how devices are supposed to act. It also offers recommendations for resolving the vulnerabilities that surfaced through scanning. Those remediations are often simple and quick, reducing the load on security teams.
Moreover, Asimily’s configuration snapshot functionality empowers security teams to capture and store a copy of the last known good state. This ensures that configuration drift can be accounted for and resolved quickly, returning IoT devices on the network to a secure state and protecting the organization from attack.
The Asimily platform also has rapid response features that quickly capture packets to aid incident responders. Should a cyberattack occur, Asimily empowers teams to keep a handle on their IoT attack surface and ensure they are as safe as possible. Election security is a vital need for modern society, and protecting IoT devices is critical to that. Asimily can help.
To learn more about Asimily, download our IoT Device Security in 2024: The High Cost of Doing Nothing whitepaper or contact us today.