Last week the Legislature, without public hearings, passed email and fax voting, stuffed in an otherwise popular bill. It would mandate each of Connecticut’s 169 towns and 339 registrars of voters to implement voting via email and fax from any location in the world. As is well know, email and fax are totally insecure.
Less well known, is how unprepared and unable our nations cities are in securing the internet. It should be obvious since our corporations, including networking giants, intelligence community, and military forces are not able to secure their networks. For a lesson in cyber security of the internet (with email being the most vulnerable), consider Homeland Security expert Bruce McConnell’s recent talk <read/view>
Recently the New York Times highlighted a report on the security of our nations cities: U.S. Study Cites Worries on Readiness for Cyberattacks <read>
A study commissioned by President Obama to assess the nation’s ability to respond to terrorist attacks and man-made and natural disasters has found that state and local officials have the most confidence in their public health and medical services but are the most concerned about whether agencies can respond to cyberattacks…
But it was the report’s findings about cybersecurity that appeared to be the most troubling, and they continued a drumbeat from the Obama administration about the need for Congress to pass legislation giving the Department of Homeland Security the authority to regulate computer security for the country’s infrastructure.
The report said that cybersecurity “was the single core capability where states had made the least amount of overall progress” and that only 42 percent of state and local officials believed that theirs was adequate.
Although a little more than 80 percent of officials said they had adopted measures to address the issue, 45 percent said they did not have a formal program to prevent and respond to attacks.
The report said that roughly two-thirds of those officials reported that they had not updated their “information security or disaster recovery plans in at least two years.”
The preparedness report said that a little less than two-thirds of the companies in the United States had sustained cyberattacks and that “only 50 percent of owners and operators at high-priority facilities” like electrical grids said that they reported such attacks.
Since 2006, there has been a 650 percent increase in the number of reported cyberattacks in the United States, rising to 41,776 in 2010 from 5,503 in 2006, according to the report.
Some the smaller of Connecticut towns have very part time registrars who maintain office hours as infrequent as one hour a week. Registrars in their 70’s and 80’s whose towns have not provided them with access to email. Towns that have resisted laws to require them to post meeting minutes on the web as too challenging and costly? How will those towns accept and provide security for email and fax voting? How about even our larger cities? How well prepared are they and can they be?
