1. Business
  2. Politics and policy
November 3, 2020updated 04 Nov 2020 10:27am

US election security: “The threat actor’s favourite candidate is chaos”

By Ellen Daniel

Today marks the start of the conclusion to the 2020 US Presidential election, with an estimated 60m Americans expected to vote in-person on 3 November.

Following the 2016 presidential election, attention has often been focused on security, and the question of how safe this election is from hacking and foreign interference still looms.

This election season has already seen its fair share of cyber incidents, and while over 100m people have already voted, there is still ample time for malicious actors to wreak havoc.

Last week, it emerged that hackers using an invoice phishing scam had stolen $2.3m from the Wisconsin Republican Party.

Hall County in Georgia also disclosed it had been hit by a ransomware attack, with a voter signature database and a voting precinct map affected by the attack.

Democrat voters in several swing states reported receiving emails warning them to vote for Donald Trump, purporting to be from far-right group Proud Boys, which US officials claimed were from attackers in Iran.

Reuters also reported that Russian hackers had targeted the email accounts of Democratic state parties in California and Indiana earlier in the year.

Although it is important to highlight that such attacks do not necessarily mean that hackers have accessed voter databases, or that they have the ability to change votes, they do call the robustness of the election’s security into question, undermining confidence in the democratic process and spreading misinformation.

Evan Kohlmann, chief innovation officer and founder of threat intelligence company Flashpoint said that since the 2016 election, such attacks are no longer the preserve of large nation states:

“Four years later, cyber warfare has been democratised, meaning not only massive nation states like Russia and China can perform these attacks, but smaller, rogue states such as Iran, Syria, Turkey and North Korea can too. The goal also isn’t to skew the result in favour of either party – the threat actor’s favourite candidate is chaos.

“The last six months have seen an uptick in US election-themed cyber warfare, primarily focused on spreading propaganda, for example, the dangers associated with voting, how candidates aren’t democratic. Even strange conspiracies around Hollywood celebrities have emerged. The objective of this has been to create discord in the US, which could eventually lower its position as a global superpower and create internal crises that will distract leaders from threat actors’ countries.”

Despite some efforts to improve security since the 2016 election, such as a crackdown on paperless voting machines, the cybersecurity community still has reservations when it comes to the election, and the vulnerabilities that may remain.

According to VMware Carbon Black’s Global Incident Response Threat Report, 73% of people surveyed believe there will be foreign influence on the 2020 US presidential election, and 60% believe it will be influenced by a cyberattack.

The company said that cybersecurity remains a “top concern” when it comes to the election and nation-state attackers “pose a significant threat”.

Last week, Cybersecurity and Infrastructure Security Agency (CISA) Director Christopher Krebs issued a statement assuring voters that the agency “remains confident that no foreign cyber actor can change your vote, and we still believe that it would be incredibly difficult for them to change the outcome of an election at the national level”, but warned that malicious actors could sow “chaos” during the election:

“That doesn’t mean various actors won’t try to introduce chaos in our elections and make sensational claims that overstate their capabilities. In fact, the days and weeks just before and after election day is the perfect time for our adversaries to launch efforts intended to undermine your confidence in the integrity of the electoral process.”

“Cyber actors can do this by taking advantage of the fact that sometimes it’s not clear how technology is used in elections. For starters, election officials use computers to improve both your ability to vote and the accuracy of the vote itself. But in doing so, election officials understand that these systems aren’t perfect, and sometimes things breaks, malfunction, or could even be hacked.”

Krebs said that “perception hacks” are a key issue when it comes to election security, with hacking attempts enough to call the election’s legitimacy into question. In other words, hackers may be able to deploy relatively simple attacks and have a significant impact on voters’ perception of election security.

Cybersecurity firm Check Point has also warned that voters could be targeted in the final hours before the election, urging individuals to look out for emails falsely claim a particular candidate has won, or false claims of foreign interference.

Considering President Donald Trump’s efforts to sow seeds of doubt over the security of in-mail ballots, with Twitter hiding a tweet from the president that claimed postal voting would “allow rampant and unchecked cheating” on the day that voters head to the polls, the impact of hacking attempts on voters’ perception of the election may be significant.

Jake Moore, cybersecurity specialist at ESET, said that technical hitches could cast doubt on the outcome:

“I would be extremely surprised if we go through the election without a security or technical hitch. Even if the system can handle the deluge of information all on one day, there will be multiple attempts to knock it over to even cast the smallest of doubt on the outcome.

“Proactive defence works as a far better insurance and there is no space for error with this election which will undoubtedly be targeted with an array of different attacks looking for the weakest links.”


Read More: Twitter and Facebook tag false Trump mail voting claim on polling day.