Apr 30 2020

Election Officials Get Access to Microsoft Security Tools

The software company is giving state and local officials access to threat detection and cybersecurity advisory services.

Although the primary election season calendar has been thrown off-kilter, election cybersecurity concerns are still top of mind, and election security trainings have moved online

The threat landscape has not become any less complex for state and local election officials. In fact, one could argue the attention paid to countering the coronavirus pandemic is taking awareness and resources away from election security, making it even more important they be refocused on the ballot box. 

“Potential changes to the primary schedules of certain states, and the exploration of further mobile and mail voting options in the midst of coronavirus, has only piqued interest on the topic of election cybersecurity, and we look forward to continuing a bipartisan dialogue, state-by-state,” Justin Griffin, managing director of the University of Southern California’s Election Cybersecurity Initiative, tells Politico.

With all of that in mind, recently Microsoft gave election officials new tools to combat cybersecurity threats between now and November. Earlier this month, the software giant announced a new service, Election Security Advisors, to give political campaigns and election officials “hands-on help securing their systems and recovering from cyberattacks,” according to a blog post by Jan Neutze, senior director of digital diplomacy and head of the cybersecurity and democracy team at Microsoft.

Additionally, Microsoft expanded its AccountGuard threat notification service to cover the offices of U.S. election officials and Congress, since many are working remotely, Neutze says. “As many of these officials and their staff are engaging in their duties while working remotely, we hope this extra layer of security will help,” Neutze writes in the post. 

Cybersecurity experts explore the nature of the election security threat landscape.

As StateScoop reports, “the announcement is part of Microsoft’s two-year-old Defending Democracy Program, a suite of election-security products that the company has been providing to campaigns and officials in both the United States and abroad.”

Microsoft also extended Microsoft 365 for Campaigns to state-level campaigns and parties and published its public policy recommendations for securing elections, including ways to secure them while confronting the COVID-19 public health crisis.

Microsoft Aims to Help Election Officials Boost Security

The AccountGuard service, which Microsoft is offering for free to customers in the political sector, “notifies organizations of cyberattacks, tracking threat activity across email systems run by organizations as well as the personal accounts of its employees who opt-in,” Neutze writes.

The service provides notification in the event “of a verifiable threat or compromise by a known nation-state actor against the participant’s Office 365 account,” including “notification to both the organization and, where possible, the impacted individual if a registered Hotmail.com or Outlook.com account associated with the organization is verifiably threatened or compromised by a known nation-state actor.” 

The service also offers recommendations to the participating organization for remediation if a compromise is confirmed.

“Democracies were already facing adversaries intent on using cyberattacks to disrupt our elections and democratic processes,” Neutze writes. “Now, as the world battles the COVID-19 pandemic, we have seen, and others have reported, that nation states and cybercriminals are taking advantage of the crisis by using virus-themed phishing attacks and other techniques to attack critical institutions. We must assume they will use these techniques to target our elections as well.”

Meanwhile, the Election Security Advisors service gives campaign and election officials the ability to choose from two offerings from Microsoft’s Detection and Response Team. The first is an assessment of an organization’s systems and expert help in configuration to close any security gaps, according to Neutze. The second is an incident response service that enables organizations to find the cause of a cyberattack and root it out, and offers the direction required to restore their systems, Neutze says.

twinsterphoto/Getty Images