When systems go down, can you recover fast? This week: real-world cyber threats, quick security wins, and network hardening basics for election offices. ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­    ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­  
View in browser
ESX News Header

March 18, 2026

TLP:CLEAR

In This Issue:

  • Situation Room: A cyber attack attributed to an Iran-linked group underlines system security needs.
  • Resource Library: First Things First: Cyber Security Fast Wins outlines free and low-cost options for high-impact steps to improve your cybersecurity posture overnight.
  • Planning Desk: Provide safer services with these fundamental security practices.
Header text: Situation Room

Devastating Attack Highlights Need for Cyber Defense - and Fallbacks

 

Election offices should take note of a recent cyber attack last week on Stryker, a Michigan medical technology company. The attack is believed to have originated in Iran. This serves as a reminder that geopolitical conflicts can put digital targets, including election offices, in the crosshairs.

Why Election Officials Should Be Concerned

While this attack targeted a medical firm, Iranian-linked groups are believed to have been behind a number of cyber attacks on election offices, including ...READ MORE HERE.

 

The Situation Room focuses on real security incidents and threats in the news relevant to election security. To review previous issues, see the newsletter archive.

Header text: Resource Library

First Things First: Cybersecurity Fast Wins

 

First Things First: Cybersecurity Fast Wins is a guide for local election officials and small teams, providing a starting point to quickly boost security posture. Easy to implement and proven to significantly reduce risk, these five low-cost, high-impact practices can be completed in under a week. The guidance also suggests a cost range and trusted products to help you.

  • Use a password manager. A dedicated password manager keeps your logins in a protected vault with its own lock. This makes it easier to assign a complex, unique password to every account because you don’t have to remember them!
  • Lock your screen. A simple keystroke can prevent unauthorized access, protect sensitive information from prying eyes, and reinforce a culture of responsibility.
  • Refresh phishing awareness. A 10-minute refresher video or quiz keeps everyone alert to evolving scams and reinforces reporting habits.
  • Update software. Regular patching closes security gaps, improves performance, and protects the entire office network. Enable automatic updates to rapidly defend against hackers and constantly work to find new vulnerabilities.
  • Enable Multi-Factor Authentication. Adding a second verification step blocks nearly all account-compromise attempts, safeguarding both office and personal accounts.

Cybersecurity doesn’t have to be complicated; smart moves start with simple habits. The cyber hygiene practices noted above increase everyday security, including for your network. The Planning Desk below offers more technical steps that can deliver even greater risk reduction.

 

The Resource Library section of the newsletter spotlights election security resources. All highlighted resources are available online in the Resource Library.

Header text: Planning Desk

Week E-33: Strengthen your network security!

 

Secure networks mean safer services and greater trust for everyone who relies on you. Improving your network security doesn’t have to be expensive or complicated, though some of it is technical, and not all of it will be plain language. That’s exactly why joining forces with your IT support early makes a difference. They can help translate, prioritize, and ensure your security expectations are actually met. Together, you can protect the data your community depends on.

 

Consider starting with these steps:

 

Step 1: Begin with the non-negotiables.

  • Inventory your assets, such as all devices and software, to understand what needs protection. You cannot protect what you don’t know you have. Taking inventory will assist in prioritizing the systems and data that are the most important to secure. 
  • Backup data regularly. Perform regular, automatic, and offline backups that can be obtained and restored on another server or network if you lose access to your systems. This is crucial; never underestimate the relief that multiple backup types can provide.
  • Test restoring backup data. A backup that hasn’t been tested is just a theory. Regularly verify that you can restore your files.

Step 2: Eliminate what you don’t need. 

  • Remove unused accounts and devices from your network. Expired or inactive accounts can be exploited by attackers. Regularly audit and remove unneeded accounts, devices, and permissions. See guidance on managing inactive accounts from the NIST cybersecurity framework. 
  • Disable unnecessary services. Turn off unused features and services in systems, workstations, and devices to reduce potential entry points for hackers. Work with your IT support on this to understand dependencies and ensure that disabling a service doesn’t break critical applications. Note that major software updates can quietly re-enable services, so check back periodically.

Step 3: Harden the perimeter.

  • Use a .gov domain for your website and/or email accounts. A .gov domain reduces impersonation risk and comes with built‑in security protections like anti‑spoofing and stronger email authentication. It also provides confidence to those searching for your website by ensuring they are on an official site. Get your free .gov domain from CISA.
  • Use firewalls and Virtual Private Networks (VPNs). Utilize robust and built-in operating system firewalls to block external threats. Consider implementing a VPN for remote work to establish a secure, encrypted tunnel between your remote device and your organization’s network. That will protect sensitive data from cyber threats and ensure safe access to internal systems.
  • Block dangerous websites automatically – Enroll in Malicious Domain Blocking & Reporting (MDBR). MDBR automatically blocks known malicious websites before staff can access them. If you are an MS-ISAC member, you may want to go to the CIS website for details. 

We’re here to help. If you don’t have an IT administrator or you’d like additional insight, contact our experts at the Election Security Exchange for help understanding this general network security guidance.

The Planning Desk is a running timeline of key election security tasks. You can find prior editions in the newsletter archive.

Header text: Election Security News

Want to get daily updates on election news? Subscribe to electionline.

  • Designing agents to resist prompt injection | OpenAI (March 11, 2026) // National

  • Google fixes two Chrome zero-days exploited in the wild affecting Skia and V8 | The Hacker News (March 13, 2026) // National
  • Ohio grants funding to counties to boost election cybersecurity amid Iran war | WTOL 11 (March 17, 2026) // Ohio
  • Newly-Launched Election Academy Gives Philadelphia Voters Firsthand Insight Into Election Process | Philadelphia.Today (March 18, 2026) // Pennsylvania
LinkedIn
YouTube
Email
Website

Copyright © 2026 Election Security Exchange. All rights reserved. TLP:CLEAR

 

You are receiving this email because you subscribed to the Election Security Exchange Newsletter.

 

Find this useful? Pass it along and invite other election teams to subscribe.
Subscribe

Election Security Exchange

712 H Street NE, Suite 2456

Washington, DC, 20002, United States

Unsubscribe Manage Preferences