The Role of Cybersecurity in Combating Midterm Election Disinformation


The mention of “election security” among cybersecurity practitioners typically conjures up concerns about voting machine tampering, vulnerabilities, and the possibility of data breaches. But there’s more to it than hardware, software, and process. Misinformation and disinformation are extremely pressing problems that are commingled with traditional cybersecurity — a multilayered attack technique that took center stage in 2020 and has only grown more endemic since.

Time may be running short as the midterms approach, but security teams on the front lines (those working with voting equipment manufacturers, companies that supply component parts, and those within government agencies responsible for ensuring the integrity of election equipment) can still take comprehensive measures to combat this very dangerous threat.

As far as misinformation and disinformation are concerned, neither is a new concept. The practice of spreading mis- and disinformation (aka “fake news”) can be traced back as far as circa 27 BC, when then Roman emperor Caesar Augustus spread lies about his nemesis, Mark Antony, to gain public favor.

“Misinformation” is the unintentional spread of disinformation. “Disinformation” is the intentional spread of false information that is purposely meant to mislead and influence public opinion. This may contain tiny snippets of factual information that have been highly manipulated, helping to create confusion and casting doubt on what’s fact and what’s not.

Just in the past few weeks, an official in Mesa County, Colorado, pleaded not guilty to charges related to her alleged involvement in election equipment tampering. Together with a colleague, she is held responsible for giving access to an unauthorized person who copied hard drives and accessed passwords for a software security update (the passwords were later distributed online). The accused clerks publicly spread disinformation about election security prior to the incident.

In Georgia, election officials recently decided to replace voting equipment after forensic experts hired by a pro-Trump group were caught copying numerous components of the equipment, including software and data. It was not found to have affected the outcome of the election, but the fact of the compromise sows seeds of doubt and raises the question: How and where could the stolen data be reused to influence elections?

And back in February 2022, election officials in Washington state decided to remove intrusion-detection software from voting machines, claiming the devices were part of a left-wing conspiracy theory to spy on voters.

And unfortunately, the preponderance of public platforms on which anyone can voice an opinion on a topic — even if it’s without a shred of factual information — makes it simple for that voice to be heard. The result is constant public questioning about the veracity of any information and data.

The amount of misinformation and disinformation that can spread grows in proportion to the cyberattack surface. It stands to reason that the more places people can post, share, like, and comment on information (of any kind), the wider and farther it will spread, making identification and containment more challenging.

Be Proactive When Fighting Disinformation

Needless to say, it’s best to be proactive when building systems, deploying tools, and implementing cybersecurity controls. But attacks are also inevitable, some of which will be successful. To maintain trust, it’s imperative to institute fast, reliable identification and remediation mechanisms that reduce mean time to detect and respond.

Recommended practices that will work to slow this looming threat include:

  • Continuously monitor infrastructure: Identify all relevant systems in use, who/what is using those systems, and how those systems are used. Set baselines for usual and expected activity, and then monitor for anomalous activity. For example, look for unusually high levels of activity from system or user accounts. This may indicate that a malicious user has taken over an account or that bots are being used to disrupt systems or send disinformation.
  • Test all systems: Whether it is the software/hardware used in voting machines or the people who have/need authorized access, test for vulnerabilities and weaknesses, apply remediation where possible, and address any identified issues along the way.
  • Verify who has access to systems: Apply multifactor authentication to prevent account takeover, and verify human vs. bot activity to prevent the malicious use of bots in spreading disinformation.
  • Profile: Understand the most likely targets/subjects of election-related mis-/disinformation. These are often high-profile individuals or organizations with strong political stances (and, of course, the candidates themselves). It may be necessary to place greater security controls on those individuals’ accounts to protect against data leakage, account takeover, smear campaigns, etc. Use the same methods for protecting systems/tools/technologies threat actors use to create and disseminate false information.
  • Use machine learning: Study digital personas, bot activity, and AI-generated campaigns. Use baselines for “normal” behavior to contrast with anomalous behavior. Machine learning can also be used for keyword targeting — identifying certain words or phrases used by people propagating disinformation and misinformation. When problematic language is used — or language is found that indicates an attack may be in the planning — flag activity or automate security controls to have it analyzed and removed or quarantined.
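
The baselining step from the first recommendation, as an added example that is not part of the original article: each account's hourly action count is compared with that account's own history, using median and MAD so an earlier burst does not inflate the baseline. The account names, threshold, minimum history length and sample events are constructed assumptions.

```python
from collections import Counter, defaultdict
from statistics import median

def make_events():
    """Constructed sample (account, hour) action events; not from a real system."""
    events = []
    for hour in range(24):                              # 24 hours of history
        events += [("clerk_a", hour)] * (4 + hour % 3)  # 4-6 actions per hour
        events += [("svc_backup", hour)] * 2            # perfectly steady service account
    events += [("clerk_a", 24)] * 5      # hour 24: within the usual range
    events += [("svc_backup", 24)] * 40  # hour 24: burst from a normally quiet account
    events += [("new_acct", 24)] * 3     # hour 24: account never seen before
    return events

def hourly_counts(events):
    """Map account -> Counter of {hour: number of actions}."""
    counts = defaultdict(Counter)
    for account, hour in events:
        counts[account][hour] += 1
    return counts

def flag_anomalies(events, current_hour, threshold=6.0, min_history=12):
    """Return {account: (reason, value)} for accounts needing review in current_hour."""
    findings = {}
    for account, per_hour in hourly_counts(events).items():
        now = per_hour.get(current_hour, 0)
        first_seen = min(per_hour)
        # Idle hours since first sighting count as zero activity.
        history = [per_hour.get(h, 0) for h in range(first_seen, current_hour)]
        if len(history) < min_history:
            # Too little history to judge: surface it instead of silently passing.
            if now:
                findings[account] = ("no_baseline", now)
            continue
        med = median(history)
        mad = median(abs(x - med) for x in history)
        # 1.4826 * MAD approximates a standard deviation; the floor of 1.0
        # avoids dividing by zero for accounts whose history never varies.
        scale = max(1.4826 * mad, 1.0)
        score = (now - med) / scale
        if score > threshold:
            findings[account] = ("burst", round(score, 1))
    return findings

if __name__ == "__main__":
    print(flag_anomalies(make_events(), current_hour=24))
```

Accounts with too little history are reported separately rather than scored, since a newly created account active on election systems is itself worth a look.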

It is unfortunately the case that humans will continue to manipulate machines for their own benefit. And in today’s society, machines are used to influence human thinking. When it comes to elections and election security, we need to be focused just as heavily on how machines are used to influence the voting public. When this “influence” comes in the form of misinformation and disinformation, cybersecurity professionals can be a huge help in stopping the spread.
