INDIANAPOLIS — When it comes to the security of our elections, it isn’t just up to campaign and election officials. Everyone plays a role in this process.
That’s why there’s a non-partisan group hosting virtual events in each state to explain how to stop cyber attacks on our democracy.
The University of Southern California Cybersecurity Initiative is virtually going to all 50 states to host an online workshop.
It went to Indiana on Tuesday.
Not only did the group give advice to campaign and election officials, but it gave some security tips to Hoosier voters as well.
“Are you using ‘password123’ as your password? That’s probably a bad sign,” explained Justin Griffin, the managing director of the USC Election Cybersecurity Initiative. “Are you willingly giving your password out to people to let them check your account from their mobile device? That’s probably not a good idea. Are you sharing information via email? Again, bad idea.”
Foreign adversaries are looking for creative ways to hack information, and it’s getting less obvious, like the time a small school district was targeted by Russia.
“If they can get into the kids’ phones and laptops, the kids take them home, they plug into their home networks, then maybe the Russians can get into their parents’ phones and laptops, and what do their parents do? Some of them are running elections and some of them might be running a minute-man missile base,” said Adam Powell, the executive director of the USC Election Cybersecurity Initiative.
Though the voting machines themselves and the voter roll system are so important to secure and update across the country, they are only a small piece of this puzzle, according to researchers.
Disinformation may be a bigger threat because it’s more challenging to control. A recent Indiana University study shows other places might be onto solutions.
“In the European Union, they have a new code for disinformation,” said IU Cybersecurity Program Chair Scott Shackelford. “They basically strong-arm the big tech companies to do take-ups, kind of like a code of conduct.”
The USC Election Cybersecurity Initiative shared best practices to avoid disinformation and raised awareness about what has happened and what still could. Ultimately, experts said the worst thing you could do is decide not to vote as a result of these attacks.
“That’s really a victory for our adversaries,” said Powell.
The following is a list of some of the cybersecurity suggestions from the conference:
- Make your password a phrase instead of a word
- Use numbers, punctuation and capital letters in a password
- Don’t use the same password for multiple accounts
- Don’t share information that isn’t verified
- Don’t email personal banking or other sensitive information
- Use a device for sensitive information such as work-related material and use a separate device for entertainment like games or Netflix