Until 2016, the most concerning cybersecurity scenario for United States was falling victim to a cyberattack on our critical infrastructure such as the nation’s electrical grid. Then the 2016 elections took place and we were introduced to a new concern – a sophisticated and well-coordinated attack on the integrity of our elections with the primary goal of discrediting our democratic institutions and sowing discord amongst the U.S electorate.
The 2018 United States midterm elections are less than 90 days away and fears of a repeat of 2016 continue to grow. Microsoft recently revealed that 3 congressional candidates for 2018 elections were targets of a phishing attack.
At the same time, the amount of money appropriated towards securing 2018 midterm elections is coming under question. “While I thank the United States Congress for appropriating $340 million last month, let me be abundantly clear, we need more resources,” said Alex Padilla, the secretary of state of California and its top election official at DefCon 2018 in Las Vegas last week.
Given the resource shortage dedicated to election security and the importance of preserving the integrity of our nation’s elections, McAfee is proud to announce a new program to help secure 2018 U.S election infrastructure in the cloud by offering state election officials in all 50 United States access to a free twelve-month license of McAfee Skyhigh Security Cloud. While multiple factors contributed to findings of election meddling in 2016, McAfee’s Cloud Security Solution addresses one of these factors—security vulnerabilities to voter data stored in the cloud.
“McAfee believes that Together is Power and is committed to protecting the integrity of the electoral system,” said Ken Kartsen, senior vice president of federal sales, McAfee. “We believe McAfee Cloud for Secured Elections Program will fill a foundational security requirement for cloud by protecting against intrusion from those who aim to change the outcomes of our elections.”
McAfee Skyhigh Security Cloud provides state election officials with a no-cost data security, monitoring, auditing, and remediation solution for their infrastructure-as-a-service (IaaS) or software-as-a-service (SaaS) environments such as AWS, Azure, Office 365, and Box. With this offer, state election officials can:
1. Analyze and audit AWS and Azure security configurations to detect misconfigurations of your IaaS services
McAfee Skyhigh Security Cloud audits and continuously monitors the security configuration of all your AWS or Azure services, such as detecting AWS S3 buckets with open read access, to reduce the risk of a malicious third party accessing or altering voter or citizen data.
2. Detect compromised accounts, insider threats, and privileged access misuse for AWS, Azure, Office 365, and Box
Compromised accounts have been behind some of the most infamous cyberattacks, including those targeted at the U.S. government. According to Verizon’s 2018 data breach report, use of stolen credentials continues to be the #1 source of cyber threat. McAfee Skyhigh Security Cloud uses data science and machine learning to identify behavior in AWS, Azure, Office 365, and Box that may indicate an active threat, including:
Compromised accounts: McAfee Skyhigh Security Cloud analyzes user access attempts to identity cross-region access, brute-force login attacks, and login attempts from new or suspicious locations that may indicate that an account was compromised.
Insider threats: McAfee Skyhigh Security Cloud detects anomalous behavior across multiple dimensions including the amount of data uploaded/downloaded, volume of user actions, access count, and frequency across time and cloud services to identity and alert organizations of suspicious behavior.
Privileged user threats: McAfee Skyhigh Security Cloud identifies inappropriate user permissions, dormant accounts, and unwarranted escalation of privileges and provisioning.
3. Prevent unauthorized sensitive election data from being stored in AWS, Azure, Office 365, and Box
McAfee Skyhigh Security Cloud’s content analytics engine detects sensitive data, such as voters’ personally identifiable information (PII), stored in or uploaded to IaaS and SaaS services. McAfee Skyhigh Security Cloud uses keywords and phrases, regular expressions, file metadata, etc to discover sensitive data and provides state election officials multiple remediation options including quarantining or deleting the file, or notifying an administrator.
4. Prevent sharing of sensitive election data with unauthorized parties
McAfee Skyhigh Security Cloud provides secure collaboration capabilities to prevent data loss from inappropriate sharing of voter information via file sharing or collaboration services (Box, OneDrive, SharePoint Online) or cloud email (Exchange Online). McAfee Skyhigh Security Cloud detects shared sensitive data, analyzes the sharing permissions, and takes automatic corrective action such as:
- Revoking a shared link
- Downgrading permissions to view only
- Removing access permissions completely
- Blocking delivery of an email
5. Capture a complete audit trail of all AWS, Azure, Office 365, and Box user activity for investigation in real-time
McAfee Skyhigh Security Cloud integrates directly with cloud services to provide state election officials with complete and granular visibility into how their cloud services are being used. McAfee Skyhigh Security Cloud captures hundreds of unique activity types and groups then into distinct categories for streamlined investigation. With McAfee Skyhigh Security Cloud organizations can monitor:
- Who is accessing AWS, Azure, Office 365, or Box, their role, device type, geographic location, and IP address
- Inactive user accounts or former employees who retain access to a cloud service so their accounts be deleted to reduce latent risk
- How much data is being shared, accessed, created or updated, uploaded, downloaded, and deleted
- Successful/failed login attempts
- User account creation/deletion as well as updates to accounts by administrators