
Reply #3: MAJOR RISKS AND MITIGATION STRATEGIES

This topic is archived.
frylock Donating Member (1000+ posts) Wed Sep-24-03 04:21 PM
Response to Original message
3. MAJOR RISKS AND MITIGATION STRATEGIES
During this risk assessment, SAIC has identified several high-risk vulnerabilities that, if exploited, could have significant impact upon the AccuVote-TS voting system operation. In addition, successful exploitation of these vulnerabilities could cause damage to the reputation and interests of the State Board of Elections (SBE) and the Local Boards of Elections (LBE). Also identified in this risk assessment are numerous vulnerabilities with a risk rating of medium and low. Tables 5.1 through 5.3 provide a high-level summary of the management, operational, and technical controls currently implemented.

This section provides a summary of the identified high-risk items in Sections 2.1, 2.2, and 2.3. Section 2.4 provides a summary of the review of the Rubin Report findings. In order to ensure the integrity of the AccuVote-TS voting system, all of the risks identified within this risk assessment should be considered. This assessment of the security controls within the AccuVote-TS voting system is dependent upon the system being isolated from any network connections. If any of the AccuVote-TS voting system components, as presently configured and architected, were connected to a network, the risk rating would immediately be raised to high for several of the identified vulnerabilities within this risk assessment. SAIC recommends that a new risk assessment be performed prior to the implementation of any major change to the AccuVote-TS voting system, and at least every three years.

2.1. Management Controls

2.1.1. AccuVote-TS voting system is not compliant with State of Maryland Information Security Policy & Standards

All Information Technology (IT) systems must be compliant with the State of Maryland Information Security Policy and Standards. The AccuVote-TS voting system does not meet all of these requirements.
Failure to meet the minimum security requirements set forth in the State of Maryland Information Security Policy and Standards indicates that the system is vulnerable to exploitation. The results of a successful attack could result in voting results being released too soon, altered, or destroyed. The impact of exploitation could lead to a failure of the elections process by failing to elect to office, or decide in a ballot measure, according to the will of the people. The impact could be a loss of voter confidence, embarrassment to the State, or release of incomplete or inaccurate election results to the media.

SAIC recommends that the SBE and the LBEs implement the mitigation strategies detailed in this Risk Assessment to bring the AccuVote-TS voting system into compliance with the State of Maryland Information Security Policy and Standards. To facilitate this compliance, we further recommend that the State consider the creation of a Chief Information Systems Security Officer (CISSO) position at SBE. This individual would be responsible for the secure operations of the AccuVote-TS voting system.

2.1.2. SBE has not ensured the integrity of the AccuVote-TS voting system

The State of Maryland and SBE have begun a process to ensure the integrity of the AccuVote-TS voting system as evidenced by initiating this Risk Assessment. In addition, the SBE and the LBE have established procedures for the AccuVote-TS voting system. However, these controls are neither complete, nor integrated.
Failure to ensure the integrity of the AccuVote-TS system could result in vital information being changed such that this information no longer accurately reflects the collective will of the voters.
We recommend that the SBE and the LBEs immediately implement the mitigation strategies detailed in this Risk Assessment for all “high” risk ratings. The SBE should create a formal, documented, complete, and integrated set of policies and procedures. These policies and procedures should be applied consistently by the LBE in each jurisdiction. In addition, the SBE should implement an iterative process to ensure that the integrity of the AccuVote-TS voting system is maintained throughout the life cycle process.

2.1.3. SBE has not created a System Security Plan

Currently, no formal documented System Security Plan exists for the AccuVote-TS voting system. The purpose of a System Security Plan is to provide an overview of the security requirements of the system and describe the controls in place or planned.
The absence of this plan could result in security controls having been missed, or if considered, implemented incompletely or incorrectly. Exploitation of any of the resultant security holes could lead to voting results being released too soon, altered, or destroyed. The impact of exploitation could lead to a failure of the elections process by failing to elect to office, or decide in a ballot measure, according to the will of the people. The impact could be a loss of voter confidence, embarrassment to the State, or release of incomplete or inaccurate election results to the media.
We recommend that the SBE develop and document a formal System Security Plan. The plan should be consistent with the State of Maryland Information Security Policy and Standards, Code of Maryland Regulations (COMAR), Federal Election Commission (FEC) standards, and industry best practices.

<lots more>

You can copy and paste a PDF by selecting the Text Select Tool, and highlighting the required text.