I was having a conversation the other night about computer security and what you’d need to do to secure an election. This is bread and butter stuff for me, as it’s the sort of thing I consult on all the time. It got me to thinking the other way around. If I deliberately wanted to make sure that third parties could access my election infrastructure locally or remotely and not be noticed, how would I relax security in order to grant them access and hide their presence?
Firstly, I’d connect the voting systems to the internet, despite assurances that I’d do no such thing except for the purposes of remote support. CHECK.
I’d use well-known ports for all my communications and make sure that no certificates / encryption channels were in use. CHECK.
For local access, I’d make sure that all of the USB ports were enabled. CHECK.
For remote access, I’d use single-factor authentication with either a simple password or no password at all. This way it’s impossible to know who’s logging in. CHECK.
The same rules apply for local access at the Voting Terminals. CHECK.
It’s standard practice to make sure that all users have their own accounts and admin rights are restricted to users who need them. I’d therefore configure a generic login account called Guest or Admin and make sure that all the users use it. This means that when forensics come along, it’s impossible to tell who did what. CHECK.
For the creation, deletion and amendment of user accounts, it’s usual to have a system of Change Control in place. Who needs all that unnecessary paperwork? Let’s do away with it. CHECK.
I’d make sure that remote access by interested parties who shouldn’t be viewing results ahead of time was obfuscated by routing it through a commonly used web app such as a betting site or Pornhub. CHECK.
This type of access would be sold at a premium. HMMM.
I’d make sure that whenever a penetration test of the systems was required, it would be delayed, and when the results came in, I’d stonewall any required updates and bury the report. CHECK.
For vulnerability purposes, there is no need to ensure that the latest versions of software / firmware are deployed. This makes it much easier for hackers to get in, and you can then blame them for any bad things that happened. Everyone knows it was the Russians. CHECK.
When it comes to access to key equipment in restricted areas, it’s usual to employ a two-man rule. One person carries out the change work, the other observes. This ties up a person unnecessarily. Do away with it immediately! CHECK.
It’s customary to train operators how to carry out complex admin tasks, so this is what you propose to do. However, it’s dangerous to trust employees with such power. Let management know this and instead deploy your own staff and charge a fortune. CHECK.
Logging needs to be switched off.
Or better still, let any admin user delete their own logs so it’s impossible to know what they did. CHECK.
Why not go the whole hog and make all the users admin users? HMMM.
Make sure that all of the key servers are located abroad, so as to get around any pesky State laws you don’t like. CHECK.
I’m sure there are many more holes but these are the ones that spring to mind. Of course, it’s not at all suspicious that the US elections were run using companies based in another country, who have an horrendous record when it comes to fraud. The support companies, the data handlers, the infrastructure: all based abroad. The same companies who are responsible for the fraud are then allowed to be members of the governing council making sure that fraud doesn’t happen. We have Edwin Smith, Smartmatic’s Global Services Director for the US, elected to the Executive Committee of the DHS Election Infrastructure Sector Coordinating Council. Dominion have a representative on the same council.
If the stakes weren’t so high, all of this would be very funny in a Keystone Cops sort of way. Except this isn’t the case.
Let us pray that the image above represents the bad guys who’ve perpetrated this fraud and not the good guys who are trying to catch them.