Virtualization Technology News and Information
VMblog Expert Interview: Manoj Nair of Metallic Talks Cybersecurity, Election Data Protection, Cloud and AI

interview metallic manoj nair 

As the 2020 election approaches, many are questioning how critical election data is being protected against attacks from malicious actors who want to lock, destroy and manipulate this data. 
This threat has been a major talking point during the cybersecurity conference, Black Hat, where security experts detailed several election data vulnerabilities while executives from voting technology companies and officials from Department of Homeland Security discussed the initiatives they are pursuing to protect election data. 
To find out more about election data protection, VMblog spoke with industry expert, Manoj Nair, General Manager at the SaaS-driven data protection venture Metallic.  Read to better understand the cybersecurity threats facing election officials and learn about a two pronged strategy that will not only fend off attacks with minimal investment but also quickly recover election data in the event that a sophisticated cyberattack succeeds. 

VMblog:  Election security was a hot topic at last week's cybersecurity conference, Black Hat.  What types of cyberattacks do you think election officials should make sure they are prepared to combat this year?

Manoj Nair:  As has been the case in past years, ransomware attacks should be at or near the top of every election officials list of cybersecurity threats this year, along with malware, denial of service, and other attacks designed to sow distrust by manipulating or deleting election data. While many officials might have encountered these types of attacks in the past, this year they are likely to be more sophisticated than ever and they need to make sure that they are ready with up to date perimeter security, detection and response tools and secure, cloud-based data backup and recovery solutions in place.  

In addition, as Matt Blaze, the chair of computer science and law at Georgetown University, pointed out in his keynote, officials need to not only worry about a large number and wide variety of attacks, but also the large number and wide variety of attack surfaces that they need to protect, ranging from election management software to voting machine software.

The Department of Homeland Security is working to help state and local election officials address these threats and protect these attack surfaces. Together they are working to implement an extensive cybersecurity testing program and to deploy digital sensors that can alert the DHS about hacking attempts at thousands of county election offices. Yet, even with support from DHS, election officials have a big challenge on their hands this year as they seek to prevent an attack from locking, destroying, or altering election data.

VMblog:  Do you expect the attacks on election data this year to differ significantly from recent attacks on corporate or other types of sensitive data?  

Nair:  Ultimately, no. Cyberattacks are designed to steal, encrypt, change, or destroy data, regardless of what that data is or who it belongs to. Malicious actors generally target government agencies that are tasked with gathering, managing, and protection election data with the same types of attacks they use to target banks, hospitals, tech companies and other organizations with valuable data.

For example, in the past week alone, we've seen major attacks on Garmin, Canon and a hospital in Ohio. These attacks prove that no company, government agency, or other type of organization is immune to cyberattacks, as well as the fact that hackers don't need to develop entirely new types of attacks when traditional attacks, like ransomware, continue to be effective.

The fact that government election agencies should expect attacks similar to these recent attacks is one reason why I would recommend that election officials deploy the same "defense in depth" strategy used by an increasing number of enterprises around the world. Such a strategy combines perimeter security, strong authentication, end-point, network and incident detection and response tools and cloud-based data backup and recovery to protect critical data.

VMblog:  What should be top of mind for officials as they work over the coming months to prevent malicious actors from encrypting, deleting, or altering election data?

Nair:  To protect themselves from cyberattacks, election officials should implement a two pronged strategy in order to provide themselves with defense in depth.

First, they need to deploy strong perimeter security solutions that use strong authentication, attack detection and other technologies to stop most, if not all, attacks.

Second, they need to plan for the worst case scenario - an attack that penetrates their perimeter defenses and reaches their primary source of election data - with a robust data backup and recovery solution.

If election officials implement such a two-pronged defense in depth strategy for their data, they will be in a strong position to avoid, or at least minimize, any disruption to the elections they are administering.

VMblog:  What aspect of a strong, comprehensive data protection strategy do you think election officials are most likely to neglect or forget as they try to stop malicious actors from disrupting the election?

Nair:  Most election officials are aware of the need for a strong perimeter cybersecurity plan, with good reason - stopping all attacks from reaching election data is the result they should be aiming for. But, as the saying goes, "The heroes have to win every time. The villain only has to win once." Elections officials need to ensure if a malicious actor does win even once, and penetrates their perimeter security, everything is not lost because their primary data has been backed up to another location where it is safe from attack.

Specifically, election officials should maintain a pristine, air-gapped secondary backup copy of their election data that is continuously updated and stored in a secure environment. This separation of data between a primary location and a secondary location (otherwise known as an "air gap") enables election officials to recover any primary data that has been encrypted, deleted, or altered by a cyberattack. In addition, by comparing the secondary data with their primary data, election officials can verify that an attack has taken place if they suspect that some of their primary data has been altered but need to confirm.

With a secure, recent backup copy in hand, any disruption from a cyberattack that successfully gets through perimeter security is likely to be limited.

VMblog:  What role can the cloud play in helping election officials protect their data?

Nair:  The cloud is an ideal location for storing secondary backup data. In addition to creating an air gap between primary and secondary data, the cloud enables officials to access this data from their office, a polling place and from virtually anywhere else. In addition, by backing up their data to the cloud election officials can leverage major cloud providers' own robust, continuously updated security systems to further protect their secondary data. Election officials can also quickly deploy cloud-based backup and recovery solutions, as they do not require any heavy investment in specialized networking or additional equipment.  

VMblog:  How can election officials use AI to help them protect their data from a cyberattack?

Nair:  AI can be used to detect anomalies or tampering within an election system. With this information officials can identify and stop an attack before it does any damage. Today AI and ML technologies are built into good detection and response tools (in the endpoint, network and monitoring incidents), and are also integrated into enterprise grade cloud-based data protection products. In this way, AI provides election officials with another "set of eyes" to watch out for any unusual behavior that might indicate a cyberattack has taken place.


Published Wednesday, August 12, 2020 7:33 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<August 2020>