Cybersecurity analyst Dustin Loeffler likens presidential elections to the Super Bowl for cybersecurity professionals, who spend months preparing for them. Many analysts work with federal and state governments to buffer election infrastructure against cyberattacks from foreign powers and curtail the spread of disinformation campaigns. And this election cycle, their efforts paid off.
“It’s been a pretty low-drama election from a cybersecurity standpoint, which is really good,” said Loeffler, director of cybersecurity at Saint Louis University who helped develop the curriculum for Springboard’s upcoming Cybersecurity Career Track.
Going on the offensive
While there’s no doubt the 2020 presidential race was tumultuous—states were still counting mail-in ballots three days after Election Day—but the electoral process itself remained uncompromised. Following the cybersecurity debacle of the 2016 election, including the Cambridge Analytica data harvesting scandal and pro-Trump disinformation campaigns spread by Russian trolls, federal agencies and social media networks were ready to face down cyber threats this time.
The U.S. also did something it has never done before: it went on the offensive.
“This time, the NSA (National Security Agency) was given the green light and as soon as intelligence confirmed that [a cyberattack] was going to happen, they went after it and shut it down in advance,” said Loeffler, who works as a cybersecurity consultant helping state governments protect their election infrastructure. “That’s what was historic about the 2020 election.”
There are two components to cybersecurity: defensive measures and offensive measures. The U.S. federal government has historically assumed a defensive cybersecurity strategy because an offensive cyberattack against a foreign power could be misconstrued as a military attack. But, with so much at stake this election cycle—7 out of 10 Americans said it was the most important election in their lifetime—the CISA, DHS, FBI, and other federal agencies worked to invent new practices to protect election infrastructure from data breaches, ballot tampering, and disinformation campaigns.
Tackling disinformation campaigns
Despite these precautions, there was still some level of foreign interference less than one month before the election. Iranian hackers sent voter intimidation emails to registered Democratic voters purportedly from the Proud Boys, a far-right, neo-fascist organization that engages in political violence in the U.S. and Canada. The emails demanded that the recipients vote for Donald Trump in the coming election. “Voter registration details were compromised, so you could see people’s names, their likely party affiliation, and things like that,” explained Loeffler.
In the days preceding Election Day, U.S. officials were concerned that in a mid-pandemic election decided primarily by mail-in ballots, Russian agents could sow disinformation and fear if results were not called on the night of November 3. On Twitter, fake accounts posing as news organizations began declaring election results while millions of legal votes were still being counted. Meanwhile, Facebook tightened its policies on election-related disinformation by limiting the reach of misleading live videos and posts.
While these disinformation campaigns appear not to have provoked outright civil unrest as was initially feared, as long as President Trump continues to allege election fraud and refuse to concede, American cyberspace is still vulnerable to attack from foreign operatives seeking to sow doubt in U.S. election integrity. “If it’s a heavily contested election with lawsuits flying around, the level of attacks might begin to ratchet up because maybe the U.S. is seen as unstable,” said Loeffler.
When it comes to cybersecurity, the entities most vulnerable to attack are those already plagued by high levels of mistrust. Record voter turnout this year—the highest since 1908, according to NPR—shows Americans are confident in the security of their votes and the integrity of the election. “I’m not as worried about the disinformation campaigns right now because I think states have done a really good job showing the integrity of the electoral process,” said Loeffler. “I think what may happen is a specific attack—not a disinformation program but maybe attacks targeted at certain sectors.”
What cybersecurity professionals learned after the 2016 election is that some level of attack is inevitable in any election. While most cyberattacks are targeted at presidential elections, Loeffler predicts that cybercriminals may soon set their sights on midterm elections as well, which tend to be far less protected but still play a crucial role in determining which political party has the majority in the House of Representatives and the Senate.
“State elections are a softer target, so there’s less money they can put into cybersecurity infrastructure,” he explained. “But I think we’re learning pretty quickly as a nation how important representation is within Congress and the Senate.”
As cyber attackers evolve their strategies and the U.S. electoral system continues to be deeply divided, the work of a cybersecurity professional has never been more important, says Loeffler.
“I think it’s an amazing opportunity to see your field in the headline of a newspaper on a regular basis and understand how the work you do on a daily basis can have real, meaningful outcomes.”
The cybersecurity industry is expected to have 3.5 million high paying unfilled jobs by 2021. With Springboard’s comprehensive cybersecurity bootcamp, you’ll work 1:1 with a mentor to learn key aspects of information technology, security software, security auditing, and finding and fixing malicious code. Modules include learning resources, practice exercises, projects, and career-related coursework.
All this will culminate in a multi-part capstone project that you can highlight on your resume for prospective employers. You will also get preparation for the CompTIA Security+ certification as well as optional bonus prep materials to help you pass the CompTIA CySA+ certification so you stand out when applying for software/application security analyst roles.
Springboard’s Cybersecurity Career Track will launch soon. Join the waitlist here.