Misinformation is the 'biggest concern' leading up to election: CrowdStrike President
Shawn Kelly, CrowdStrike President, joins Yahoo Finance’s Akiko Fujita joins to discuss potential threats to U.S. election security amid the 2020 presidential race.
Video Transcript
AKIKO FUJITA: Cyber attacks remain a top concern heading into the general election. And with just weeks to go, cities and states are scrambling to beef up their cyber defenses. Let’s bring in Shawn Henry. He is the president of CrowdStrike. And Shawn, it’s good to talk to you today. Certainly, you’ve got a lot of visibility on this issue.
And we talk about this as if all the attacks come on November 3. Clearly, these are attacks that you monitor on a daily basis. How have you seen the activity ramp up in the lead up to the election?
SHAWN HENRY: Well, this is a 24 by 7 effort, 365 days a year, quite honestly. Adversaries are looking to target infrastructure on a regular basis, whether it be intellectual property or for financial gain. And, of course, leading up to this election, and quite honestly, elections around the globe, we’ve seen adversaries targeting election infrastructure, certainly from a reconnaissance perspective, looking for vulnerabilities that they may be able to exploit.
But the actual integrity of the infrastructure is just one part of this whole concern around the election. There’s actually a whole host of concern the US government has expressed, as well as other governments, about information being leaked or information being misrepresented and pushed out through social media to kind of change the thoughts and the process of the voters, to change the way they think about certain issues or certain candidates. So that’s a whole nother piece of this. Certainly leading up to Election Day, these are all on the minds of those that are tasked with protecting critical infrastructure for the election.
AKIKO FUJITA: Shawn, can you speak to the extent with which you’ve seen the activity ramp up in the lead up to November 3, and particularly what kind of attacks you’re seeing right now.
SHAWN HENRY: So I don’t know we can say that there is this substantial increase in attacks. These things are happening on a regular basis. Of course, as you get closer to the election process, there are more components of the structure that are coming into play.
So you’ve got voter registration databases. You’ve got the voting machines and the voting tabulation process. And then you’ve got the organizations that are going to be reporting out the results of the election. So as those devices come online, as those systems are stood up, you will see more activity surrounding them.
I think that one of the things that we’ve seen here since 2016 especially is the increase in the awareness that organizations have taken and that they’ve become much more vigilant because they recognize what their vulnerabilities are and how they might be exploited. And a lot of the conversation around adversary activity has really caused them to add increased levels of security. So in that regard, we are engaged at a much higher level.
AKIKO FUJITA: And when you talk about that activity, are we talking about state actors for the usual names that we hear, like a Russia or China, North Korea, or Iran? Or is the bigger concern right now the attacks from within?
SHAWN HENRY: So I think when you’re talking about the election infrastructure and the misinformation campaigns, the primary concern is nation state. The US government has put out just in the last couple of weeks multiple reports from the FBI and from the Department of Homeland Security reporting about foreign adversaries that are looking to sow chaos and confusion within the US election system throughout this cycle by putting misinformation out and potentially targeting critical infrastructure. So that certainly is a concern.
But that does not take of the plate organized crime groups or hacktivist groups, people who might have an interest in disrupting the campaigns or the election, rather. We’ve seen organized crime groups that have launched ransomware into municipalities, not necessarily targeting the election system, but they’re doing this for financial gain. And these systems, some of these systems are part of those municipal infrastructure and could be potentially vulnerable. So organized crime groups are in the mix, for sure. But the primary concern is absolutely nation states as far as the government’s concern is.
AKIKO FUJITA: I mean, these are all issues that it feels like we talked about four years ago. From a risk standpoint, what’s different this time around from 2016?
SHAWN HENRY: I think that the awareness is certainly different. I think in 2016, while folks in the government were certainly aware– because we’ve seen infrastructure targeted going back for more than a decade, back into 2008, as recently as then, where the Obama campaign and the McCain campaign were targeted by a foreign adversary. But the general public did not have that real true appreciation for the efforts these nation states would take. I think that since 2016, we’ve seen that increase, so that those that are part of the infrastructure– people that are manufacturing equipment or people that are responsible for maintaining data, for tabulating the data– they have that awareness that they’ve become more vigilant. That probably is the biggest change since– since the last electoral process.
AKIKO FUJITA: We had the former Homeland Security Secretary, Michael Chertoff, on yesterday, talking about the nightmare scenarios that he sees playing out. He talked about the concerns around violence, the concerns around poll watching for those who weren’t meant to be poll watchers. He talked about the cyber attacks as well. Walk me through your election risks right now, your scenarios. I mean, what are the key issues that CrowdStrike is gaming out right now in anticipation of potential disruption on November 3?
SHAWN HENRY: So CrowdStrike, we’re a security technology company, nonpartisan, protecting all sorts of organizations that are part of the election process. We’re helping companies be vigilant by helping them hunt in their environment, looking for anomalous behavior as it relates, again, to the infrastructure, supporting the collection of voting, et cetera. That, to me, and in conversations with folks in the government and elsewhere who’ve been in the space, the actual manipulation of votes themselves to have a real impact on the election is really a low risk, according to a lot of people I’ve spoken with, because of how dispersed our election system is. There’s not one single point of failure.
I think the bigger concern is the concern of confusion or the concern of the integrity of the election, where it’s put into question, if, for example, there are questions raised about whether people were able to vote because certain systems were taken down or there’s confusion about whether a voter registration database allowed the right people to have access. And these are things we’ve seen put into the news. Oftentimes, it’s misinformation by foreign adversaries. I think that is the biggest concern, that there may be a cloud of unknowing, of confusion.
And that will cause a lot of, I think, concern by the citizens if they lose confidence in the integrity of the system. Did their vote count or not? I think that’s the biggest concern we should have. It’s that misinformation campaign leading up to Election Day on the 3rd of November.
AKIKO FUJITA: And Shawn, putting politics aside, we’ve also been hearing a lot about the concerns around the security of the databases for these drug makers that are developing the coronavirus vaccine. We’ve already heard of a number of attacks that have come forward. I mean, what are you seeing on that front? Have you seen activity ramp up, particularly from those outside of the US?
SHAWN HENRY: Yeah, we have seen healthcare, pharmaceutical companies, and those that may be part of the process to develop vaccines or have some research and development surrounding COVID being targeted. I think that that’s normal. And we see that in lots of areas throughout the year. COVID happens to be the hot topic and the area that people are most interested in.
But any time there’s new information, intellectual property, significant research and development related to many different areas, we see foreign adversaries targeting that technology, that data that’s maintained on the system, on the network. This is no different here. And we’ll expect to see that going forward. It’s incredibly important and valuable information. And nation states want to get access to it so that they can help to better inform themselves.
AKIKO FUJITA: Well, it’s good to get your insight on this as somebody who has a lot of visibility on it. Shawn Henry, president of CrowdStrike, good to talk to you.
SHAWN HENRY: Thanks so much. Good to talk to you.