Cybersecurity and the Election
Support
Cyber Security and the Presidential Election is a Giving Day event, held on October 28 when the SEAS community from across the world come together to support the Engineering for Humanity mission.
Register for the event here.
Find out more about Giving Day here.
In just a few days, voting in the 2020 election will come to an end. However, questions surrounding the security and integrity of the U.S. voting system could linger. On the one hand, the U.S. has been targeted by foreign agents seeking to influence the outcome and even compromise voting machines. But on the other hand, in many ways the U.S. has long enjoyed a resilient and robust voting infrastructure. So where do we actually stand?
On October 28, four Columbia Engineering security experts will weigh in on Cybersecurity and the Presidential Election separating the signal from the noise by tackling topics such as organizational hacking and weaponizing leaks, how to improve our voting infrastructure, and smart practices to counter an ecosystem of polarization and disinformation.
Steven Bellovin is the Percy K. and Vida L.W. Hudson Professor of Computer Science and an affiliate faculty at Columbia Law School who focuses on security, privacy, and related legal and public policy issues. Sal Stolfo is a professor of computer science who holds more than 60 patents in the area of cybersecurity and has co-founded two startups, Red Balloon Security and Allure Security Technology. Suman Jana builds secure and privacy-protecting software. An assistant professor of computer science and member of the Data Science Institute, Jana’s software has been incorporated into several open-source software including Mozilla Firefox, Apache Cordova, and cURL. Joel Cretan MS'18SEAS is a security researcher at Red Balloon with an expertise in embedded devices. The panel will be moderated by Roxana Geambasu, an associate professor of computer science who specializes in security, privacy and data collection.
In advance of the event, faculty shared some quick takes on systemic improvements and simple steps voters can use to protect themselves.
What do you wish voters knew about election security?
Sal Stolfo.
Sal Stolfo: I wish they knew how to recognize and avoid being victims of scams, emails and webpages that spread false information that manipulates their sentiments and sensibilities, as often happens through social media. Being able to tell the difference between a fraudulent site and a trusted news source is key—I tell people a great way to avoid being scammed this way is to look carefully at the links in the email to ensure the domain is legitimate. And of course, I want them to avoid being tricked into giving money to attackers. If I could give voters one tip on that front, it would be to immediately close the window if the site asks for your social security number or any very sensitive personal information.
Suman Jana.
Suman Jana: I wish they knew and followed basic security hygiene, i.e., not clicking on suspicious links, double-checking claims from multiple sources, and making sure that they do not share sensitive data without fully understanding the potential consequences.
Steve Bellovin.
Steve Bellovin: More jurisdictions need to use risk-limiting audits. A risk-limiting audit is, more or less, a statistical recount. Instead of hand-counting every ballot, you count a random subset. How many ballots you need to count depends on how close the election is and how certain you want to be that the machine count is correct. Typically, about 1% of ballots will need to be checked.