CISA Reports No Significant Attacks On US Elections

Following early warnings of the threat of interference from malicious foreign hackers in advance of this week's US House and Senate elections the US election processes continues to be a target of interest for malicious actors. 

Now, the Cybersecurity and Infrastructure Security Agency (CISA) has confirmed there were a number of cyber attacks on State and local election websites during the 2022 midterms. 

Reassuringly, however, those early warnings have been heeded by the local-level government agencies responsible for running the elections and no significant harm has been identified. 

“Election systems that house voter registration information or manage non-voting election processes continue to be a target of interest for malicious threat actors,” says CISA's report. However, there has been no specific or credible threat to disrupt election infrastructure or Election Day operations. “We’ve seen no activity that should cause anyone to question the security, integrity or resilience of our election infrastructure,” said a senior CISA official said. 

In Mississippi, the secretary of state’s website, which serves as a digital resource for election-related information and is not involved in vote tabulations, was temporarily inaccessible after experiencing “an abnormally large increase in traffic volume due to DDoS activity,” the office said in a statement. These were attempts to disrupt access to websites and servers by overwhelming them with manipulated online traffic, often through the use of bots or a network of hijacked computers. 

“We want to be extremely clear and reassure Mississippians our election system is secure and has not been compromised,” the Mississippi secretary of state’s office confirmed. 

CISA worked closely with state and local jurisdictions to help officials detect and stop cyber-attacks and threats made against election management and 14 states used cyber teams to help secure voting systems. This cyber security work has been successful for this election, as CISA has said it was only “checking a handful” of jurisdictions.

CISA:    NextGov:      DefenseOne:    Cyberwire:       The Record

You Might Also Read: 

The Personal Data Being Used To Get Your Vote:

 

« The Reality Check For Small & Medium Businesses
Why Are Businesses Still Falling Victim To Ransomware? »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

TNO Cyber Security Lab

TNO Cyber Security Lab

TNO Cyber Security Lab is a dedicated facility for innovative and experimental research with the goal of a safe and resilient cyberspace.

Covenco

Covenco

Covenco is a data management and IT infrastructure specialist. Working with customers to transform their IT environments, with data protection and security at the forefront of everything we do.

Bundesdruckerei

Bundesdruckerei

Bundesdruckerei specializes in secure identity technologies and services for protecting sensitive data, communications and infrastructures.

CLUSIF

CLUSIF

Clusif is the reference association for digital security in France. Its mission is to promote the exchange of ideas and feedback through working groups, conferences and publications.

Cyberia Group

Cyberia Group

Cyberia is a leading Internet and Security services provider with operations in Saudi Arabia, Lebanon and Jordan.

Fortanix

Fortanix

Fortanix Runtime Encryption keeps keys, data, and applications completely protected from external and internal threats.

Ericom Software

Ericom Software

Ericom is a global leader in securing and connecting the digital workspace, offering solutions that secure browsing, and optimize desktop and application delivery to any device, anywhere.

Enigmatos

Enigmatos

Enigmatos is an Israeli based Automotive Cyber Security company. We provide solutions to the ever growing threat of vehicle hacking.

Information System Authority (RIA) - Estonia

Information System Authority (RIA) - Estonia

RIA ensures the interoperability of the state’s information system, organises activities related to information security, and handles security incidents in Estonian computer networks.

ServerScan

ServerScan

ServerScan specializes in providing server scanning & compliance services to organizations of all types and sizes.

Wib

Wib

Wib is an API security leader. We are the only company providing a solution for the entire API development lifecycle.

Mobilen Communications

Mobilen Communications

Mobilen are dedicated to providing our customers with the highest level of secure data in transit and to bring privacy back to a mobile world.

BCX

BCX

BCX, a subsidiary within Telkom Group, is one of Africa’s largest systems integrator and digital transformation partners for enterprises and public sector organisations.

3DOT Solutions

3DOT Solutions

3DOT Solutions is an established UK cybersecurity consultancy focused on delivering end-to-end cyber security solutions for private and public sector customers.

OmniIndex

OmniIndex

OmniIndex PostgresBC is the only commercial solution allowing you to keep your most sensitive and critical data encrypted while analyzing it. Structured and unstructured.

tmc3

tmc3

tmc3 is an award-winning, people-centric consultancy that is transforming cyber security from an overhead into an organisational enabler.