Election security is a serious issue, and it is only getting worse. With the midterm election tomorrow, it is important that we are prepared for potential cyberattacks.
In recent years, the U.S. has been hit with several cyberattacks which have led to a large amount of data breaches and even the shutdown of voting machines. Jen Easterly, head of the Cybersecurity and Infrastructure Security Agency (CISA), said that the election infrastructure “is a very complex threat environment…You have cyber threats, you have insider threats, you have rampant disinformation. And yes, very worryingly, you have threats of harassment, intimidation and violence against election officials, polling places and voters. Let’s be really clear. That has to stop.”
With the advancement in technology and voting accessible via mobile applications, it is no surprise that security risks with mobile election apps are on the rise. There have been many instances where hackers have compromised the security of such apps. Cybercriminals have either stolen the voter’s information or have changed their votes. Unfortunately, security risks with mobile election apps are not new and very little has been done to protect voter’s information.
Mobile election apps are vulnerable to cyber-attacks due to their dependence on third-party applications for data storage, data processing and data transmission. The most obvious way to avoid such attacks is by storing all the data offline and eliminating any third-party applications that might be leaking sensitive information. However, there is another step that often gets overlooked – Mobile Application Security Testing (MAST).
Mobile app security testing is a process that allows developers to find and fix any vulnerabilities in their mobile app. This process can help not only keep the data safe, but also helps to secure the validity of the elections.
Benefits of Mobile App Security Testing
- Prevents data loss, theft, or tampering
- Reduces risk from both internal and third-party sources
- Protects sensitive data
- Allows government bodies to find and fix vulnerabilities within election apps before they are exploited by hackers or other malicious actors and then have lasting effects on the overall election process
It is important for local governments to test their mobile election app before deploying it to the public. Q-MAST is a fully-automated Mobile Application Security Testing platform, detecting security, privacy and code quality issues on iOS and Android Apps without needing to access any source code. Vetted by the NSA, we support the highest compliance standards including NIAP, CCPA, GDPR, NIST and OWASP MASVS. Learn more about Q-MAST here: https://www.quokka.io/products/q-mast
In the government space? Learn about the new directive that aims to safeguard Federal Information: BOD 23-01 and how Quokka can help.