SV Co. Registrars Brace For Huge Midterms With Security Tactics

REDWOOD CITY, CA -- As social media giant Facebook grapples with an ongoing fight to manage hacks and infiltrations numbering in the millions, Silicon Valley county registrars up and down the peninsula and valley are beefing up their security measures leading up to what's believed to be an unprecedented turnout for the midterm elections Nov. 6.

In some cases, a hack is what's ordered -- especially since federal law enforcement agencies have confirmed our elections were influenced by foreign governments just two years ago.

San Mateo County performed a "trusted hack" a few weeks ago to test its multi-layered electronic systems and subsystems that interconnect in as much of a complex manner as many home theater/stereo systems. The county's Chief Elections Officer Jim Irizarry spelled out in great detail all of the improvements and extra measures performed to maintain the integrity of voting data.

"We think it's going to be the largest midterm election in the history of the United States," said Irizarry, who's logged about six years of industry work.

Events leading up to Election Day has galvanized both parties in a nation more divided than many public policy wonks have ever seen.

There's a delicate balance to performing a "trusted hack" in which the proprietor tries to infiltrate its own system.

"If we try to penetrate the system and we pick up the attack, it could shut down the system," he said. Then, it's back to square one. "We look at it to determine 'okay, that's not Iran.'"

San Mateo also hired a special cyber security company, StratumPoint, to assist the county in protecting its data. The Carlsbad-based risk management firm will guard the data in an environment of ever-changing security protocols and system upgrades.

"What's good today isn't good tomorrow," the county elections officer said. The county is constantly tweaking and updating its layer-upon-layer of electronic systems to ensure the accuracy of voter information. It also upgraded its website. All the while it works to protect voter tabulation systems, San Mateo must also keep an eye on different laws that change and open up voter registration units.

One such law is the California Voters Choice Act of 2016. The measure signed into law makes it possible for citizens to register right up to Election Day.

"You gotta know, there are malicious actors out there. In the U.S., cyber attackers spend every minute of every day with the sole job of trying to penetrate our systems. Think about it," Arizarry said.

Physically, an increased number of more sophisticated surveillance cameras also guard election department rooms where tabulations take place. Access cards are only given out to certain personnel.

Santa Clara cuts off access

San Mateo's neighboring county believes its voter information is safeguarded by staying out of the Internet's heavy-handed reach.

"The tabulation system we use is not connected to the Internet. It's a closed off network that cannot be accessed from the outside, and it's in a secure, monitored room that few people have access to," county Registrar of Voters spokesman Eric Kurhi said.

County workers are receiving a real education in cyber security, which comes with its own language. The term is "air-gapped," meaning there's "no electronic connection to the outside that could be breached."

Santa Clara maintains an information security office, which monitors patterns of suspicious traffic or activity. It's like having ten Guidos at the front door of your computer.

"Security is paramount to us," Kurhi said.

The same sentiment was shared by one of Santa Clara's largest businesses in terms of an "unfortunate" breach of personal data from about 30 million social media users.

"We take these incidents very seriously," Facebook Vice President of Product Development Guy Rosen said repeatedly on a media conference call from his Menlo Park office. The breach, which was downgraded from 50 million as projected earlier, involved attackers gaining "access tokens" that allowed them to tap into "friends of friends." About half the projected number accessed had their names and contact details compromised.

The recent cyber attack -- which ran from mid July to mid September -- was reported to the Federal Bureau of Investigations. Facebook will soon notify those users specifically affected, Rosen pledged.

Facebook founder Mark Zuckerberg testified before a congressional panel about data compromises since it was determined the social media site was used as elections influencer in 2016 by Russian infiltrators.

--Image via Shutterstock