For Boulder and Jefferson County election officials, these days are so busy “it’s like Santa Claus,” says a cybersecurity expert whose band of election security warriors offered advice last week to citizens in a statewide online workshop.
While voters and journalists tend to focus on one date—Tuesday, Nov. 8—election workers, like Santa’s elves, are especially busy in the months leading up to the big day, according to Adam Clayton Powell III, executive director of the USC Election Cybersecurity Initiative.
So are adversaries from Russia, China, Iran and other dark corners of the world. That grim reality prompted one of Powell’s presenters to dangle out the possibility for you to win up to $10 million.
No, that’s not Montana Lottery winnings. You can hit the jackpot by submitting a tip to expose foreign influence in U.S. elections.
The money posted by the U.S. State Department is part of a new Rewards for Justice program to also combat malicious cyber activities against the United States, among other threats.
News about the reward came from Marie Harf, a former State Department official who is now an international elections analyst for the cybersecurity initiative, a nonpartisan effort organized by the University of Southern California and funded with generous support from Google.
Montana beams bright for Powell on the national map, which is weather-worn having been traversed time and again by his band of warriors.
"We know from visiting the 50 states that many that are not covered often by national media may have some of the best election cybersecurity defenses,” Powell said. “In Montana, there is a robust cybersecurity initiative covering all 56 counties, including last month's virtual tabletop exercise with the U.S. Cybersecurity and Infrastructure Security Agency.”
Nearly 6,000 people in all 50 states attended USC’s workshops in 2020 and 2021 for candidates, campaign aides, political parties, journalists, academics, and state and local election workers. The two-hour Montana workshop on Thursday, Aug. 25, also invited representatives from North and South Dakota, Utah and Wyoming.
"Many who attend our workshops report that they have changed to stronger passwords, have begun using multi-factor authentication, and have been more careful to avoid social engineering attacks," Powell said.
Phishing scams, such as email and text messages to create urgency, curiosity or fear, are a popular social engineering attack to gain access to your passwords as well as personal and financial data.
Last month, the FBI issued an alert to Montana citizens and businesses about an increased possibility of phishing leading to malware and ransomware attacks.
“The most believable phishing sites trick almost half the users,” or 45 percent, said Clifford Neuman, director of USC’s Center for Computer Systems Security. “Hackers move fast. Twenty percent of the accounts are accessed within 30 minutes.”
Don’t use the same password for one account that you also use for financial transactions, Neuman said, adding that the most common password people use is 123456.
Rather than think of a password, Neuman said, use a pass-phrase, such as Big!SkyWin$23. And delete all those excess apps.
“Every new app you install is a risk,” Neuman said. “Always download apps from trusted sources.”
A related threat to election security is misinformation (wrong) and disinformation (maliciously wrong), said Sarah Mojarad, a lecturer in the USC Viterbi School of Engineering.
If you see something on social media that makes you fear or become outraged, stop before you share it, she said.
Confirming a line attributed to Mark Twain—“A lie can travel halfway around the world before the truth puts on its shoes”—Mojarad cited a research study’s finding:
“On average a false story reaches 1,500 people six times more quickly than a factual story. This is true of false stories about any topic, but stories about politics are most likely to go viral.”
And be careful what you salute, Harf said. She showed a sponsored Facebook page, titled “Being Patriotic,” which posted a quote on patriotism from Calvin Coolidge and a tribute to American soldiers, among many other messages.
It was shut down after its payment method—Russian rubles—drew suspicion. The page came from a Russian disinformation playbook to sow division in American politics, Harf said.
