Month: February 2017

ISSA Ottawa Presentation – Internet voting: What could go wrong? – Marcel Gingras

I was pleased to have the opportunity to see the presentation Internet voting: What could go wrong? at the Information Systems Security Association (ISSA) Ottawa Chapter January 26, 2017 meeting.

Marcel Gingras has a keen grasp of the requirements for a high-integrity voting system, and provided a good history of how we ended up with the highly-ranked Canadian federal paper-based system, followed by a discussion of the risks that an Internet voting system would introduce.

The presentation is available below

Provided by permission of Mr. Gingras.

defend Canadian electoral process from cyber threats – Minister of Democratic Institutions Mandate

In the mandate letter for Minister of Democratic Institutions Karina Gould, she receives direction to discontinue electoral reform activities

Changing the electoral system will not be in your mandate.

She is also directed to defend the current electoral system from cyber threats, by working with National Defence, Public Safety, and the Communications Security Establishment (CSE).

UPDATE 2017-06-19: The CSE has released its report on Cyber Threats to the electoral process.  ENDUPDATE

In addition through her, CSE is directed to analyze security risks to Canadian political and electoral activities, and to offer advice to Canadian political parties and Elections Canada on cybersecurity.

In collaboration with the Minister of National Defence and the Minister of Public Safety and Emergency Preparedness, lead the Government of Canada’s efforts to defend the Canadian electoral process from cyber threats.  This should include asking the Communications Security Establishment (CSE) to analyze risks to Canada’s political and electoral activities from hackers, and to release this assessment publicly.  As well, ask CSE to offer advice to Canada’s political parties and Elections Canada on best practices when it comes to cyber security.

(a copy of the mandate letter is also available in Archive.org)

Given the current cyber threat environment, with documented compromises of political party systems and elections-related systems, I consider this new emphasis on electoral process cyber security to be excellent.  Having CSE release its security assessment publicly is also a very important step.

Note that in addition to Canada and the US, the Australian Prime Minister also expressed his concern about foreign actors attacking political parties.

The [Australian] Federal Government is urging Australia’s political parties to steel themselves against potential foreign cyber attacks, as Prime Minister Malcolm Turnbull prepares to announce an unprecedented cyber security briefing for political parties to be held in Canberra early next month.

from ABC News – Government urges political parties to ‘keep themselves secure’ ahead of cyber security briefing – January 23, 2017