|
Bipartisan Harvard panel recommends
hacking safeguards for elections
Send a link to a friend
 [November 20, 2017]
By Joseph Menn
SAN FRANCISCO (Reuters) - A bipartisan
Harvard University project aimed at protecting elections from hacking
and propaganda will release its first set of recommendations today on
how U.S. elections can be defended from hacking attacks.
The 27-page guidebook shown to Reuters ahead of publication calls for
campaign leaders to emphasize security from the start and insist on
practices such as two-factor authentication for access to email and
documents and fully encrypted messaging via services including Signal
and Wickr.
The guidelines are intended to reduce risks in low-budget local races as
well as the high-stakes Congressional midterm contests next year. Though
most of the suggestions cost little or nothing to implement and will
strike security professionals as common sense, notorious attacks
including the leak of the emails of Hillary Clinton's campaign chair,
John Podesta, have succeeded because basic security practices were not
followed.
The ongoing effort is being led by the Belfer Center for Science and
International Affairs, based at the Harvard Kennedy School of
Government, and is drawing on top security executives from companies
including Google, Facebook and the cyber security firm CrowdStrike.
"We heard from campaigns that there is nothing like this that exists,"
said Debora Plunkett, a 31-year veteran of the National Security Agency
who joined the Belfer Center this year. "We had security experts who
understood security and election experts who understood campaigns, and
both sides were eager to learn how the other part worked."
Plunkett said the goal was a digestible outline that was both realistic
and helpful, and that leadership buy-in was critical.
[to top of second column] |
An unidentified voter casts his ballot at a local polling station in
Miami November 2, 2010. REUTERS/Hans Deryk
The handbook is the first effort from the Belfer Center's
four-month-old Defending Digital Democracy program, whose leadership
includes top campaign officials from both the Republican and
Democratic parties. Belfer co-director Eric Rosenbach said another
guidebook, scheduled for spring, will aim at state election
officials, who oversee the actual vote-counting and might also have
to deal with propaganda intended to mislead or dissuade voters or
sow suspicions about election integrity.
"Deterring information operations is inherently a government
responsibility, and the technology firms will decide how to act on
their platforms, but state organizations are the victims," Rosenbach
said.
The Belfer Center is also sending students out to the states to
understand various voting technologies and procedures. The idea is
to recommend best practices for each type of set-up, which could
include mandated software updates, paper back-ups and audits.
Thus far, the project has offered no advice for the internet
companies that are under fire for allowing Russian advertising and
false claims to polarize Americans. That could come later, as could
a broader program for quick sharing of threat information.
(Reporting by Jonathan Weber; editing by Diane Craft)
[© 2017 Thomson Reuters. All rights
reserved.]
Copyright 2017 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
 |
