Securing Automatic Voter Registration Data

SLIDE 1

Securing Automatic Voter Registration Data

Webinar hosted by the Center for Technology and Civic Life & the Center for Secure and Modern Elections

May 30, 2019 1:00pm – 1:45 Central Time

Modernizing voter registration

SLIDE 2

Hello, there!

Whitney May

whitney@techandciviclife.org

Noah Praetz

noah@praetzconsulting.com

Maurice Turner

mturner@cdt.org

SLIDE 3

The Center for Technology & Civic Life

Using technology to improve how local government and communities interact

@HelloCTCL

www.techandciviclife.org

SLIDE 4

CSME/Implementation Working Group

Supporting election and agency administrators and advocates to ensure automated voter registration systems are implemented to maximize the accuracy and completeness of voter rolls while improving efficiency.

Providing design, legal, communications, and data transfer support through our networks, as well as insight into campaigns and implementation efforts around the country.

Comprised of a number of individuals and institutions.

Staffed by Scott Seeborg of Center for Secure and Modern Elections: scott@modernelections.org

SLIDE 5

Housekeeping

  • Mute your audio if you aren’t speaking
  • Use chat to communicate
  • Update your screen name
SLIDE 6

Voter registration at the DMV and other agencies

Motor Voter/NVRA/Federal Law

Customers at motor vehicle agencies and state Health and Social Services agencies are offered the opportunity to register to vote under the National Voter Registration Act (NVRA).

Automatic Voter Registration/State Law (so far)

Qualified people who apply for or renew a driver’s license (or other government service) are automatically registered to vote, unless they decide to opt out of voter registration.

SLIDE 7

Electronic data transfer is the key to Automatic Voter Registration

The ability to transfer voter registration data quickly and accurately through electronic data transfer is a key feature of a modernized voter registration process.

States using electronic data transfer have transitioned away from sharing voter registration data between agencies via paper forms and, instead, send data electronically on a regular schedule or in real time.

SLIDE 8

Today’s topics

  • Identifying threats
  • Learning how a secure system works
  • Developing a security plan
SLIDE 9

What are the threats?

SLIDE 10

Classes of potential threat actors

Actors include nation states, hacktivists, criminal organizations, and insiders

Highly resourced & sophisticated

  • Nation states & some hacktivist or criminal organizations; with or without insiders
  • Can combine cyber and physical access

Sophisticated

  • Additional hacktivist and criminal organizations; with or without insiders
  • Usually advanced cyber skills

Commodity

  • Actors with limited resources and usually without insider knowledge
  • Use existing tools and platforms to exploit known vulnerabilities
SLIDE 11

High-level threats and risks

Vulnerabilities

  • Connectivity
  • Hardware
  • Software
  • Access

Types of damage

  • Confidentiality of information
  • Integrity of systems
  • Availability of systems and services
SLIDE 12

Image source: www.cisecurity.org

SLIDE 13

Hypothetical scenarios

SLIDE 14

Hypothetical threat #1: Overburdened Clerk

Scenario

  • Clerks have growing list of election and non-election responsibilities and many offices don’t have dedicated IT support.
  • Clerk connects work laptop to public wi-fi network.

Risk

  • Public wi-fi may be unencrypted which allows attackers to monitor and copy sensitive data.

Defense

  • Virtual Private Network (VPN) apps create a protected tunnel inside a public network.
  • 2-factor authentication (2FA) uses 2 kinds of passwords to protect access to services and data.

SLIDE 15

Hypothetical threat #2: Spearphishing a vendor

Scenario

  • Attacker sends a fake email to vendor claiming to be a Clerk who needs immediate support.
  • Vendor employee breaks security protocol to be helpful.

Risk

  • Vendor employee grants database access to attacker or gives up credentials by clicking link to fake login page.

Defense

  • Domain-based Message Authentication, Reporting & Conformance (DMARC) prevents imposter emails.
  • Strict role-based user access and secondary verification like a phone call.

SLIDE 16

Hypothetical threat #3: State-level ransomware

Scenario

  • Top-down state system is locked up because of ransomware attack

Risk

  • No access to AVR records means no validation against Electronic Registration Information Center (ERIC) records and no distribution of current records to localities.

Defense

  • Develop and practice robust business continuity plan, including testing back-ups to minimize downtime of services.

SLIDE 17

How does a secure system work?

SLIDE 18

Encryption

A secure system safeguards data at rest and in transit. ERIC example:

“HMAC-SHA2-256 one-way hashing algorithm with a 1024-bit secret key. The secret key is housed in a PKCS#11 interfaced secure store that leverages AES-128 encryption. The distribution of the hashing application to the ERIC members is a closely monitored and structured process.”
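To illustrate the keyed one-way hashing named in the quote, here is an added example (not from the webinar and not ERIC's hashing application) that matches records between two agencies using HMAC-SHA-256 digests only. The identifiers, the normalization rule and the in-memory demo key are assumptions made for the sketch.

```python
import hashlib
import hmac
import secrets

def normalize(value):
    """Canonical form so both agencies hash identical bytes for the same person."""
    return "".join(ch for ch in value.upper() if ch.isalnum()).encode("utf-8")

def keyed_hash(secret_key, value):
    """HMAC-SHA-256 of a normalized identifier; not reproducible without the key."""
    return hmac.new(secret_key, normalize(value), hashlib.sha256).hexdigest()

def match_records(secret_key, dmv_ids, hashed_roll):
    """Return DMV identifiers whose keyed hash appears in the hashed voter roll."""
    matches = []
    for raw in dmv_ids:
        digest = keyed_hash(secret_key, raw)
        # compare_digest does a constant-time comparison of the two digests.
        if any(hmac.compare_digest(digest, h) for h in hashed_roll):
            matches.append(raw)
    return matches

# Assumption: the key is generated in memory for the demo. The slide describes a
# 1024-bit key (128 bytes) kept in a PKCS#11 secure store, never in source code.
DEMO_KEY = secrets.token_bytes(128)

# Constructed identifiers (not real license numbers).
ROLL_IDS = ["D123-4567-8901", "K987 6543 2100"]
DMV_IDS = ["d12345678901", "Z000-0000-0000"]

def demo():
    hashed_roll = [keyed_hash(DEMO_KEY, r) for r in ROLL_IDS]
    # Same key: formatting differences disappear and the first record matches.
    same_key = match_records(DEMO_KEY, DMV_IDS, hashed_roll)
    # Different key: nothing matches, so digests are useless without the secret.
    other_key = match_records(secrets.token_bytes(128), DMV_IDS, hashed_roll)
    # A plain SHA-256 of the same identifier does not reproduce the keyed digest.
    unkeyed = hashlib.sha256(normalize(ROLL_IDS[0])).hexdigest()
    return same_key, other_key, unkeyed in hashed_roll

if __name__ == "__main__":
    print(demo())
```

The key is what separates this from ordinary hashing: identifiers such as license numbers come from a small, guessable space, so an unkeyed digest could be checked against guesses by anyone who obtains the file.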

SLIDE 19

Validation

A secure system ensures data is not corrupted as a result of error or attack.

Remember:

  • AVR is likely to have more in-depth interconnectedness than OVR.
  • There is increased risk of non-voting data (e.g. social security number, driving restrictions) being changed intentionally or maliciously, or corrupted as a result of an error or attack.

SLIDE 20

Monitoring

A secure system detects unusual traffic which can indicate fraud or an attack. Unusual traffic may include:

  • Requests from non-local IP addresses
  • Excessive outbound data flows
  • Activity during non-business hours
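
The three indicators above, applied to an access log, as an added example that is not part of the webinar. The log format, the "local" address ranges, the business hours and the 10x baseline threshold are all assumptions chosen for the sketch, and every log line is constructed.

```python
import ipaddress
from datetime import datetime
from statistics import median

# Assumptions for this sketch (not from the slides): which networks count as
# "local", what business hours are, and how far above baseline is "excessive".
LOCAL_NETS = [ipaddress.ip_network("10.20.0.0/16"), ipaddress.ip_network("192.0.2.0/24")]
BUSINESS_HOURS = range(7, 19)   # 07:00-18:59 local time
BUSINESS_DAYS = range(0, 5)     # Monday-Friday
OUTBOUND_FACTOR = 10            # flag transfers above 10x the baseline median

# Constructed sample log: ISO timestamp, source IP, account, bytes sent out.
SAMPLE_LOG = """\
2019-05-28T09:14:02 10.20.4.17 clerk_a 48213
2019-05-28T10:02:45 10.20.4.18 clerk_b 51977
2019-05-28T14:30:10 10.20.4.17 clerk_a 45120
2019-05-29T02:47:31 10.20.4.17 clerk_a 49800
2019-05-29T11:05:09 203.0.113.50 dmv_sync 50344
2019-05-29T15:22:40 10.20.9.3 dmv_sync 9812345
2019-06-01T13:00:00 10.20.4.18 clerk_b 47000
"""
# Bytes-out values from a known-good period (constructed), used as the baseline.
BASELINE = [47000, 52000, 49500, 50100, 46800]

def parse(line):
    ts, ip, user, sent = line.split()
    return datetime.fromisoformat(ts), ipaddress.ip_address(ip), user, int(sent)

def find_unusual(log_text, baseline_bytes):
    """Return (line_number, reason) pairs for the three indicators on the slide."""
    typical = median(baseline_bytes)
    findings = []
    for n, line in enumerate(log_text.splitlines(), start=1):
        if not line.strip():
            continue
        ts, ip, _user, sent = parse(line)
        if not any(ip in net for net in LOCAL_NETS):
            findings.append((n, "non-local source IP"))
        if sent > OUTBOUND_FACTOR * typical:
            findings.append((n, "excessive outbound data"))
        if ts.weekday() not in BUSINESS_DAYS or ts.hour not in BUSINESS_HOURS:
            findings.append((n, "outside business hours"))
    return findings

if __name__ == "__main__":
    for n, reason in find_unusual(SAMPLE_LOG, BASELINE):
        print(f"line {n}: {reason}")
```

The "excessive" check only works once a baseline exists, which is why establishing baseline activity comes before alerting on deviations from it.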
SLIDE 21

Developing a security plan

SLIDE 22

Top-down versus bottom-up

Top-down system: Data hosted on a single, central platform of hardware and maintained by the state with data supplied by local jurisdictions

Bottom-up system: Data hosted on local hardware and periodically compiled to form a statewide voter registration list

Hybrid approach: Combination of a top-down and bottom-up system

SLIDE 23

How to get started

  • Map how other systems connect to voter registration database
  • Know who has access to what
  • Limit access to those who need it
  • Monitor permission changes
  • Require 2FA
  • Establish baseline activity
  • Make frequent backups and test them
  • Conduct penetration testing
SLIDE 24

Create a Memorandum of Understanding (MOU)

1. Introduction
2. Purpose
3. Scope
4. Definitions
5. Policy
6. User procedure requirements
7. Maintenance
8. Oversight
9. Responsibility for SOP compliance
10. Updates to MOU

Source: https://transition.fcc.gov/pshs/docs/clearinghouse/DHS-MemorandumOfUnderstanding.pdf

SLIDE 25

Today’s takeaways

Secure automatic voter registration data by:

  • Updating data validation procedures

  • Keeping traffic logs
  • Practicing data recovery
SLIDE 26

Group discussion questions

What resonated with you today?

What did we cover that you have questions about?

Is there something we didn’t discuss today that you’re curious about?

SLIDE 27

Resources

Recording of this webinar will be posted on the CTCL website

www.techandciviclife.org/news/webinar-securing-avr-data

Watch the webinar series on Vimeo

www.vimeo.com/helloctcl

SLIDE 28

Next webinar

Save the date: Thursday, July 11th, 1:00pm – 1:45pm CT

SLIDE 29

ModernReg.org

SLIDE 30

How to get help with your implementation

The IWG coordinates support for state and local election and agencies as well as advocates working to ensure smooth implementation of automated voter registration systems. We can assist with design issues, testing, legal review, public education and engagement plans, data transfer plans, and other issues.

For assistance or to learn more, contact Scott Seeborg, Center for Secure and Modern Elections scott@modernelections.org
