SpyCloud, known for its unique breach data collection and curation platform that powers leading account takeover prevention and fraud investigation solutions, today announced its partnership with CyberDefenses, an award-winning Managed Security Services Provider (MSSP) and expert in election security, to protect the integrity of current and future elections.
Across the United States, elections are operated by Secretary of State offices with more than 3,000 county governments forming the frontline of defense against election cyberattacks. County election departments are frequently attractive targets for attackers with a wide range of motivations and agendas. As most areas of government shift to digital platforms, threat actors are increasingly choosing cyberattacks as their method to launch election interference, ransomware, account takeover, and other attacks. Even a small but successful attack could cause people to lose faith in election results, resulting in disastrous consequences for our nation.
CyberDefenses provides nearly one in five election jurisdictions across the United States with a multitude of security services, including Election Security Assessments that evaluate the end-to-end election process, benchmark cyber risk, and deliver concrete recommendations to fix gaps that could put counties at risk for cyberattacks and election interference. By providing cyber intelligence, SpyCloud is a key component of the assessment and gap-fix process. SpyCloud delivers continuous monitoring of the dark web for stolen credentials across the election landscape, including election staff, county officials and third-party suppliers who could be targeted because of their access to elections.
“SpyCloud is instrumental to the work we do in ensuring that every vote counts,” said Armando Ordonez, CEO of CyberDefenses. “It gives county governments an ‘over-the-horizon view’ of the cybercriminal landscape, with advanced information to protect elections from fraud and foreign interference, before it’s too late.”
Stolen credentials are still the No. 1 breach tactic, so continuous monitoring and remediation are necessary for election teams to proactively secure the voting process. Any account associated with election operations is checked against SpyCloud’s comprehensive database of more than 100 billion assets that have been compromised in data breaches. Using SpyCloud’s recovered breach assets, CyberDefenses alerts the county when it cannot be determined whether the user logging in is legitimate or a criminal leveraging stolen credentials. When accounts are at risk, they can be locked down until they are re-secured with a password reset or step-up authentication procedure.
“SpyCloud’s ability to continuously monitor suppliers as well makes their partnership essential to our mission,” explained Ordonez. “Anyone doing business with the county needs to be secure themselves, so they are not an entry point for bad actors attempting to interfere with elections. CyberDefenses also alleviates some of the burden by defining policies that counties can extend to their supplier network; fundamentals that must be met in order to remain a partner.”
CyberDefenses also uses SpyCloud’s data, including hundreds of millions of assets to research the infrastructure used in election fraud campaigns.
“We are all too aware of foreign attempts to undermine the sanctity of U.S. elections, and we’re proud to do our part with CyberDefenses to help stop them,” said Douglas Lingenfelter, Director of SpyCloud’s Federal practice. “Unfortunately, criminals are relentless and innovative in their attacks, so we are constantly updating our data and methods to help election officials stay ahead.”