Evaluating Mail-Based Security for Electoral Processes Using Attack Trees
Evaluating Mail-Based Security for Electoral Processes Using Attack Trees Since the reports of Russian interference in the 2016 United States General Election, the security of voting processes has received increased attention from both state and federal authorities. The declaration by the US Department of Homeland Security in January 2017 that election systems be classified as the 17th component of critical infrastructure is just the beginning of a need for more secure voting processes. More recently, the COVID-19 pandemic and the 2020 US General Election have placed greater emphasis specifically on mail-based voting processes for electoral systems. The objective of this research is to provide greater insight into |
potential threats to mail-based voting processes. Upon identifying an attack tree as an initial structure for evaluation, new threats are postulated, and an updated tree is proposed that accounts for more recent activities. Then, using an established assessment framework, the relative likelihood of each mail-based voting process attack scenario is identified. The results facilitate providing election officials and policymakers with greater knowledge of how mail-based voting system vulnerabilities develop as well as specific security measures that may be most beneficial.
Dr. Natalie M. Scala is an associate professor and director of the graduate programs in supply chain management in the College of Business and Economics at Towson University. She earned Ph.D. and M.S. degrees in industrial engineering from the University of Pittsburgh. Her primary research is in decision analysis, with specialization in military and security issues, including risk in voting systems, attack trees and strength of threat in mail voting, integrity of votes throughout the supply chain, poll worker education, and cybersecurity metrics and best practices. Her research team defines threats to voting as systemic and an interplay between cyber, physical, and insider sources. Her work in elections security earned a University System of Maryland Board of Regents Award for Excellence in Public Service, the system’s highest faculty honor. In conjunction with Anne Arundel County, Maryland, her work in cybersecurity and threat training for poll workers received a U.S. Elections Assistance Commission Clearinghouse Award for Outstanding Innovation in Election Cybersecurity and Technology. Dr. Scala frequently consults to government clients and has extensive professional experience, to include positions with Innovative Decisions, Inc., the United States Department of Defense, and the RAND Corporation. Her first book, a co-edited volume titled Handbook of Military and Defense Operations Research, was released by CRC Press in early 2020; her second book, Mathematics in Cyber Research, was recently released by CRC Press in early 2022.