Bipartisan Harvard panel recommends hacking safeguards
for elections
Send a link to a friend
 [November 20, 2017]
By Joseph Menn
SAN FRANCISCO (Reuters) - A bipartisan
Harvard University project aimed at protecting elections from hacking
and propaganda will release its first set of recommendations today on
how U.S. elections can be defended from hacking attacks.
The 27-page guidebook shown to Reuters ahead of publication calls for
campaign leaders to emphasize security from the start and insist on
practices such as two-factor authentication for access to email and
documents and fully encrypted messaging via services including Signal
and Wickr.
The guidelines are intended to reduce risks in low-budget local races as
well as the high-stakes Congressional midterm contests next year. Though
most of the suggestions cost little or nothing to implement and will
strike security professionals as common sense, notorious attacks
including the leak of the emails of Hillary Clinton's campaign chair,
John Podesta, have succeeded because basic security practices were not
followed.
The ongoing effort is being led by the Belfer Center for Science and
International Affairs, based at the Harvard Kennedy School of
Government, and is drawing on top security executives from companies
including Google, Facebook and the cyber security firm CrowdStrike. The
guidebook will be available online (https://www.belfercenter.
org/cyberplaybook).
"We heard from campaigns that there is nothing like this that exists,"
said Debora Plunkett, a 31-year veteran of the National Security Agency
who joined the Belfer Center this year. "We had security experts who
understood security and election experts who understood campaigns, and
both sides were eager to learn how the other part worked."
[to top of second column] |
An unidentified voter
casts his ballot at a local polling station in Miami November 2,
2010. REUTERS/Hans Deryk
Plunkett said the goal was a digestible outline that was both realistic and
helpful, and that leadership buy-in was critical.
The handbook is the first effort from the Belfer Center's four-month-old
Defending Digital Democracy program, whose leadership includes top campaign
officials from both the Republican and Democratic parties. Belfer co-director
Eric Rosenbach said another guidebook, scheduled for spring, will aim at state
election officials, who oversee the actual vote-counting and might also have to
deal with propaganda intended to mislead or dissuade voters or sow suspicions
about election integrity.
"Deterring information operations is inherently a government responsibility, and
the technology firms will decide how to act on their platforms, but state
organizations are the victims," Rosenbach said.
The Belfer Center is also sending students out to the states to understand
various voting technologies and procedures. The idea is to recommend best
practices for each type of set-up, which could include mandated software
updates, paper back-ups and audits.
Thus far, the project has offered no advice for the internet companies that are
under fire for allowing Russian advertising and false claims to polarize
Americans. That could come later, as could a broader program for quick sharing
of threat information.
(Reporting by Jonathan Weber; editing by Diane Craft)
[© 2017 Thomson Reuters. All rights
reserved.] Copyright 2017 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed. |
