Safeguarding Democracy in the Digital Age: Insights from Day 1 at Black Hat 2024 and Las Vegas Officials

In an era where technology and geopolitics intersect more than ever before, the importance of cybersecurity in maintaining democratic processes cannot be overstated. At Black Hat 2024, global leaders and local officials converged to discuss the challenges and strategies for protecting elections, critical infrastructure, and the very foundations of democracy. This article delves into the insights shared at the conference, offering developers, engineers, and architects a comprehensive view of the cybersecurity landscape and its implications for democratic societies.

The Changing Landscape of Global Threats

Jeff Moss, founder of Black Hat, set the stage by highlighting the rapid evolution of the threat landscape. "Things are different now," Moss observed. "Things have sped up. You have all the routine problems and a giant bucket of other problems, you have all these risks you didn't think about."

This acceleration of threats is compounded by global events, creating what Moss termed "the great sorting," a period where nations and entities are aligning into distinct camps:

1. Team rule of law
2. Team undecided (e.g., India)
3. Team authoritarian (e.g., Russia, China)
4. Team neutral (e.g., Switzerland)

This realignment is creating new challenges for cybersecurity professionals, as traditional alliances and assumptions are being upended. "Pretty soon there will be no unconflicted parties," Moss warned, underscoring the complexity of navigating this new geopolitical reality.

The Global Fight for Secure Elections

With more than two billion voters casting ballots in national elections worldwide in 2024, the stakes for election security have never been higher. A panel featuring Jen Easterly (CISA), Hans de Vries (ENISA), and Felicity Oswald (NCSC) discussed the multifaceted approach to securing democratic processes.

Felicity Oswald emphasized the reality of state-sponsored threats: "The hostile state threat is real and present in the UK." Despite these challenges, she noted that they were "able to vote securely on the day," highlighting the effectiveness of their preparedness efforts.

Hans de Vries echoed this sentiment, stating, "Everything went pretty okay even though the threat is much greater than five years ago." He emphasized the importance of information sharing between nation-states and thorough preparation.

Jen Easterly highlighted the evolving nature of threats, noting, "Iran, Russia, and China try to influence elections with Russia using PR firms and Americans to hide their hand to try and get out misinformation and influence." To combat these efforts, CISA employs a multipronged approach:

1. Sharing tactics with the FBI
2. Using the "Rumor vs. Reality" website
3. Amplifying voices of state and local election officials

Easterly stressed, "Election officials are the subject-matter experts when it comes to elections."

The Importance of Collaboration and Resilience

A recurring theme throughout the discussions was the critical need for collaboration across all levels of government and with private sector partners. Oswald stated, "Cybersecurity is a team sport; we work together," while de Vries emphasized, "Sharing information is crucial to the process."

Easterly reinforced this point, explaining CISA's comprehensive approach: "We are working to reduce risk across the entire spectrum, all are part of the layers of controls in place."

The concept of resilience emerged as a key factor in maintaining secure elections and critical infrastructure. As Easterly noted, "While these types of events are disruptive, they will not affect the integrity of the votes cast or the counting of the vote."

Oswald added, "Resilience is the buzzword for every organization. Cybersecurity needs to be as important as finance and operations."

Local Perspectives: Securing Las Vegas and Clark County

The challenges of cybersecurity at the local level were illuminated by Bob Leek, CIO of Clark County, and Michael Sherwood, Chief Innovation and Technology Officer of Las Vegas. Their insights provided a ground-level view of the complexities involved in securing a major tourist destination and critical infrastructure.

Leek described Clark County, which is the size of New Jersey, as equivalent to a "$2 billion company," emphasizing the scale and complexity of its operations. He outlined their approach to cybersecurity:

"Deter, detect, respond, and recover to ensure security. Securing emergency service and critical infrastructure. Supporting and collaborating with a number of dispersed departments to develop their own set of solutions."

Sherwood highlighted the unique challenges faced by Las Vegas, including:

• Protecting tourism infrastructure
• Managing an ever-expanding and contracting attack surface
• Dealing with non-compliant and white-labeled devices
• Vulnerability prioritization and remediation
• Maintaining services in a dynamic environment

He emphasized the city's commitment to innovation, stating, "We have about 100 pilot programs, everything from advanced signal timing systems, air quality sensors, computer vision LIDAR systems."

Both officials stressed the importance of collaboration. Leek noted, "We are proactively collaborating to talk in earnest ways to do cross-organizational scenario planning," while Sherwood added, "A rising tide lifts all boats. The more that we collaborate, the better the region is."

The Role of AI and Emerging Technologies

Artificial Intelligence (AI) emerged as both a potential threat and a powerful tool in the cybersecurity arsenal. Leek mentioned that Clark County has "15 pilots actively taking place" related to AI, while Sherwood discussed Las Vegas's "Smart Vegas" initiative, which uses AI-powered LIDAR sensors in parks for enhanced security and efficiency.

However, the officials also acknowledged the potential risks associated with AI. Easterly cautioned, "AI will exacerbate current threats but not create new threats," emphasizing the need for vigilance and adaptability in the face of evolving technologies.

Securing Critical Infrastructure and IoT Devices

The proliferation of Internet of Things (IoT) and Operational Technology (OT) devices presents unique challenges for cybersecurity professionals. Sherwood highlighted this issue, stating, "More and more today, and I'm not going to draw on the specifics for good reason, but I'll give you, I'll answer your question. I can go get the hint, or the jist of it is that there are a lot of manufacturers that put their name on something that they have bought from another equipment manufacturer, more and more that is becoming concerned over time, especially you're talking about things that control critical infrastructure."

To address these challenges, both Clark County and Las Vegas are leveraging advanced security solutions. Leek mentioned their use of Armis for asset discovery and analysis, describing it as "complementary to that layers across" their existing security infrastructure, providing visibility into "every device on the network."

Lessons for Developers, Engineers, and Architects

For technical professionals working on systems that may impact democratic processes or critical infrastructure, several key takeaways emerged:

1. Prioritize resilience: Design systems that can withstand disruptions and quickly recover.
2. Embrace collaboration: Work across organizational and jurisdictional boundaries to share information and best practices.
3. Implement layered security: Adopt a defense-in-depth approach that addresses threats at multiple levels.
4. Stay informed about geopolitical factors: Understand how global events may impact the threat landscape for your systems and applications.
5. Leverage AI responsibly: Explore the potential of AI for enhancing security while being mindful of its potential risks.
6. Maintain visibility: Implement solutions that provide comprehensive visibility into all devices and systems on your network.
7. Plan for the unexpected: As Sherwood noted, "Plan for the worst and hope for the best."

Conclusion

As we navigate the complex intersection of technology, democracy, and security, the insights from Black Hat 2024 and Las Vegas officials underscore the critical role that cybersecurity plays in maintaining the integrity of our democratic institutions. By fostering collaboration, embracing innovation, and remaining vigilant against evolving threats, we can work towards a more secure and resilient digital future.

The final word goes to Jen Easterly, who reminds us of our collective responsibility: "It is up to all of us to protect our democracy, resist adversary attempts to interfere and influence elections." As developers, engineers, and architects, we have a crucial part to play in this ongoing effort to safeguard the foundations of our democratic societies.