Foreign Hackers Threaten US Election Security

Uploaded on 2020-10-07 in GOVERNMENT-National, FREE TO VIEW

The FBI and yhe US Cybersecurity and Infrastructure Security Agency (CISA) have issued an announcement to alert the public to the potential threat of foreign interference in reporting the 2020 US election results and other disinformation campaigns. According to these government agencies, foreign actors and cybercriminals will likely  create or alter websites, and share or create false social media content that discredits the electoral process and undermines confidence in US democratic institutions.

Due to the COVID-19 pandemic, postal ballots will be widely used in the elections this year, leaving officials with an incomplete vote on election night. Foreign threat actors will likely take advantage of this if it occurs.

State and local elections typically take several days to certify election results, ensuring that every vote cast legally has been included in the results. Foreign actors and cybercriminals could use this time gap to their advantage, releasing fake reports that claim voter suppression, cyberattack targeting election infrastructure, ballot fraud, or other issues that it claims occurred to undermine the election’s legitimacy. 

The US government agencies are urging Americans to take extra care in ensuring the legitimacy of their information and seeking multiple sources.

One example recently is where voters and election administrators who emailed Leanne Jackson, the clerk of rural Hamilton County in central Texas, received bureaucratic-looking replies. “Re: official precinct results.” But Jackson didn’t send the messages. Instead, they came from Sri Lankan and Congolese email addresses, and they cleverly hid malicious software inside a Microsoft Word attachment. By the time Jackson learned about the forgery, it was too late. Hackers continued to fire off look-alike replies. Jackson’s three-person office, already grappling with the coronavirus pandemic, ground to a near standstill.

The type of malware deployed against Hamilton, called Emotet, often serves as a delivery mechanism for later ransomware attacks, in which swindlers commandeer a victim’s computer and freeze its files until a ransom is paid. Emotet tricks users into clicking on plausible-looking messages and following phony instructions that in reality disable security settings in Microsoft Office. If successful, the ruse allows the malware to hijack the victim’s email conversations and send phony replies from bogus accounts. Malware attached to the messages is primed for a new set of targets automatically selected from the victim’s inbox, further spreading the infection.

US officials have expressed concern that those attacks, which have paralysed government agencies, police departments, schools and hospitals, could potentially disrupt the election.

Harvard’s Belfer Center for Science and International Affairs, which specializes in establishing best practices for political campaigns and election officials, said in a February 2018 report that election officials should “create a proactive security culture.” For political campaigns, the group suggested using cloud-based email and office software, which are more likely to neutralise threats like Emotet before they reach a user’s inbox. Experts said smaller governments with fewer resources should heed that advice.

The county’s email system lacks two-factor authentication, a standard protection involving a second means of verifying a user’s identity. It also hasn’t implemented DMARC, a system that helps organisations and businesses confirm that emails sent from their addresses are authentic.

The FBI and CISA urge the American public to critically evaluate the sources of the information they consume and to seek out reliable and verified information from trusted sources, such as state and local election officials. The US public should also be aware that if foreign actors or cyber criminals were able to successfully change an election-related website, the underlying data and internal systems would remain uncompromised.

IC3:     ProPubica:        DefenseOne:      ProgExas:      KXXV:      GCN:      Oodaloop:

You Might Also Read:

Chinese Hackers Spying On US Government Agencies:

 

« Is Slack Secure For Your Business?
Social Media Campaigns Designed To Disrupt US Election »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Securezoo

Securezoo

Securezoo's mission is to simplify and enhance information security by providing trusted security guidance, products, and information to small and mid-sized businesses and security professionals.

Cloud Security Alliance (CSA)

Cloud Security Alliance (CSA)

The CSA is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing

Ipsidy

Ipsidy

Our identity platform enables mobile users to more easily authenticate their identity to a mobile phone or portable device of their choosing.

TrainACE

TrainACE

TrainACE, is a professional computer training school offering courses in information technology with a focus on Advanced Security training.

Cellopoint

Cellopoint

Cellopoint is a leading manufacturer of information security and email lifecycle management (ELM) products.

Cyphercor

Cyphercor

Cyphercor is a leading smartphone and desktop-based two-factor authentication (2FA) provider.

New Zealand Internet Task Force (NZITF)

New Zealand Internet Task Force (NZITF)

The New Zealand Internet Task Force (NZITF) is a non-profit with the mission of improving the cyber security posture of New Zealand.

UPX Technologies

UPX Technologies

UPX Technologies is one of the largest digital security centers in Brazil providing full protection for data, networks and content.

State Service of Special Communications & Information Protection of Ukraine (SSSCIP)

State Service of Special Communications & Information Protection of Ukraine (SSSCIP)

State Service of Special Communications and Information Protection is the technical security and intelligence service of Ukraine, under the control of the President of Ukraine.

ClubCISO

ClubCISO

ClubCISO is a community of peers, working together to help shape the future of the information security profession by facilitating independent discussion on data security and cyber resilience.

AdEPT Technology Group

AdEPT Technology Group

AdEPT are a managed services and telecommunications provider offering award-winning, proven and uncomplicated technical solutions for over 12,000 organisations across the UK.

Redhorse

Redhorse

Redhorse provides top-tier consulting to help clients address mission-critical government problems in National Security, Networking Technology, Energy and the Environment.

ELLIO Technology

ELLIO Technology

ELLIO Technology is a cybersecurity company that reduces alert overload, improves incident response, and helps security teams target serious attackers who pose a real threat.

Dion Training Solutions

Dion Training Solutions

Dion Training Solutions offer comprehensive training in areas such as project management, cybersecurity, agile methodologies, and IT service management.

Denodo

Denodo

Denodo transforms the way organizations operate by unifying their data assets in real time and making data ubiquitous and secure to all users and business applications.

Cork

Cork

Cork is a purpose-built cyber warranty company for managed service providers (MSPs) serving small businesses (SMBs) and the software solutions they manage.