MORGANTOWN, W.Va. – West Virginia University’s Reed College of Media co-hosted a workshop on election cybersecurity on Thursday afternoon.
It was in collaboration with the University of Southern California (USC), which takes its “USC Election Cybersecurity Initiative” around the country to teach election officials and the general public about how to better protect their data. It was attended by West Virginia Secretary of State Mac Warner who said election security is vital to upholding the principles of democracy.
“This is not a Republican or a Democrat thing, you’ve already heard Adam talking about bipartisanship and that’s been on of the biggest thrills or points that I enjoy about this job,” Warner said. “When you’re dealing with the election, democracy really is the client. We’re all in this together, any sort of outside influence is counterproductive to the entire system. Neither side benefits from outside meddling, disinformation, misinformation.”
The Director of the USC Center for Computer Systems Security, Clifford Neuman, was one of the speakers during the webinar. He spoke about many ways the general public can protect their data from things like phishing, hackers, scammers and other threats. Neuman added that these same methods of vigilance can be beneficial to election officials and campaigns because the same tactics are used.
Some of the tools Neuman provided are making sure passwords are strong, do not use common words and are not repeated across multiple platforms. Using multi-factor authentication, he said, can be another great way to protect data. Another key point, he said, is keeping company data in house, on company servers, networks and laptops or computers.
By keeping your organization’s materials and personal materials on separate devices, he said, if your personal data is hacked it does not lead to your organization being compromised.
“As a computer security practitioner, I understand there is no defense that is 100 percent effective and there are no systems that are 100 percent secure,” Neuman said. “So what do we do? We practice defense-in-depth, think about it as a fortress, you’ve got to get through that outer defense, maybe by providing a password. You might have an inner wall you have to get across, maybe a second factor of authentication, maybe you’ve got a firewall you’ve got to get through. And then maybe the data that is on your system is — we can describe it here as locked in a safe in a locked room, well on computers that data is locked up through encryption technology.”
All these cyberattacks on U.S. elections and citizens are not going anywhere and are growing more sophisticated each year, Neuman said. Therefore, everyone must be “vigilant about links, software, emails and apps”.
Vigilance was already important, but in the era of the pandemic, he said, when many are working from home, it has become even more crucial.
“We’re all using alternate infrastructure,” Neuman said. “Most of us today are probably working from home and this makes it more likely trick us through a social engineering attack into doing things that we shouldn’t do. For example, they send you an email saying in order to work safely from home you need to install this special security software on your device. If you get an unsolicited message telling you to do that be very cautious because chances are the software you’re installing is not protecting the safety of your computer. It is instead opening your device to the criminal that provided you with that software.”