Foreign Hackers Threaten US Election Security

Uploaded on 2020-10-07 in GOVERNMENT-National, FREE TO VIEW

The FBI and yhe US Cybersecurity and Infrastructure Security Agency (CISA) have issued an announcement to alert the public to the potential threat of foreign interference in reporting the 2020 US election results and other disinformation campaigns. According to these government agencies, foreign actors and cybercriminals will likely  create or alter websites, and share or create false social media content that discredits the electoral process and undermines confidence in US democratic institutions.

Due to the COVID-19 pandemic, postal ballots will be widely used in the elections this year, leaving officials with an incomplete vote on election night. Foreign threat actors will likely take advantage of this if it occurs.

State and local elections typically take several days to certify election results, ensuring that every vote cast legally has been included in the results. Foreign actors and cybercriminals could use this time gap to their advantage, releasing fake reports that claim voter suppression, cyberattack targeting election infrastructure, ballot fraud, or other issues that it claims occurred to undermine the election’s legitimacy. 

The US government agencies are urging Americans to take extra care in ensuring the legitimacy of their information and seeking multiple sources.

One example recently is where voters and election administrators who emailed Leanne Jackson, the clerk of rural Hamilton County in central Texas, received bureaucratic-looking replies. “Re: official precinct results.” But Jackson didn’t send the messages. Instead, they came from Sri Lankan and Congolese email addresses, and they cleverly hid malicious software inside a Microsoft Word attachment. By the time Jackson learned about the forgery, it was too late. Hackers continued to fire off look-alike replies. Jackson’s three-person office, already grappling with the coronavirus pandemic, ground to a near standstill.

The type of malware deployed against Hamilton, called Emotet, often serves as a delivery mechanism for later ransomware attacks, in which swindlers commandeer a victim’s computer and freeze its files until a ransom is paid. Emotet tricks users into clicking on plausible-looking messages and following phony instructions that in reality disable security settings in Microsoft Office. If successful, the ruse allows the malware to hijack the victim’s email conversations and send phony replies from bogus accounts. Malware attached to the messages is primed for a new set of targets automatically selected from the victim’s inbox, further spreading the infection.

US officials have expressed concern that those attacks, which have paralysed government agencies, police departments, schools and hospitals, could potentially disrupt the election.

Harvard’s Belfer Center for Science and International Affairs, which specializes in establishing best practices for political campaigns and election officials, said in a February 2018 report that election officials should “create a proactive security culture.” For political campaigns, the group suggested using cloud-based email and office software, which are more likely to neutralise threats like Emotet before they reach a user’s inbox. Experts said smaller governments with fewer resources should heed that advice.

The county’s email system lacks two-factor authentication, a standard protection involving a second means of verifying a user’s identity. It also hasn’t implemented DMARC, a system that helps organisations and businesses confirm that emails sent from their addresses are authentic.

The FBI and CISA urge the American public to critically evaluate the sources of the information they consume and to seek out reliable and verified information from trusted sources, such as state and local election officials. The US public should also be aware that if foreign actors or cyber criminals were able to successfully change an election-related website, the underlying data and internal systems would remain uncompromised.

IC3:     ProPubica:        DefenseOne:      ProgExas:      KXXV:      GCN:      Oodaloop:

You Might Also Read:

Chinese Hackers Spying On US Government Agencies:

 

« Is Slack Secure For Your Business?
Social Media Campaigns Designed To Disrupt US Election »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Mielabelo

Mielabelo

Belgian consulting firm providing services in the security and compliance of information systems and IT service management.

Lutech

Lutech

Lutech is an Italian ICT engineering and services company. Business solution areas include cyber security.

DirectDefense

DirectDefense

DirectDefense is an information security services and managed services provider.

Bowbridge

Bowbridge

Bowbridge provides anti-virus and application security solutions for SAP systems.

Cyberhaven

Cyberhaven

Cyberhaven provides rapid enablement for GDPR and CCPA compliance, streamlined data security and modern risk management.

CNS Group

CNS Group

CNS Group provides industry leading cyber security though managed security services, penetration testing, consulting and compliance.

Athreon

Athreon

Athreon utilizes a fusion of AI technology, human interpretation, and the latest in cybersecurity to deliver sound business solutions that help our clients make better data-driven decisions.

BridgingMinds Network

BridgingMinds Network

BridgingMinds Network is an industry leading best practices and IT security training provider in Singapore.

riskmethods

riskmethods

riskmethods helps you proactively identify, assess and mitigate supply chain risk. You need to master supply chain risk management—we can help.

US Army Cyber Command (ARCYBER)

US Army Cyber Command (ARCYBER)

US Army’s Cyber Command (ARCYBER) is engaged in the real-world cyberspace fight today, against near-peer adversaries, ISIS, and other global cyber threats.

Inflection Point Ventures (IPV)

Inflection Point Ventures (IPV)

Inflection Point Ventures (IPV) is a 6000+ members angel investing firm which supports new-age entrepreneurs by connecting them with a diverse group of investors.

Raiven Capital

Raiven Capital

Raiven Capital is a global early-stage technology venture capital fund. We focus on founder-led, driven companies on the leading edge of disruption.

Secfix

Secfix

Secfix helps companies get secure and compliant in weeks instead of months. We are on a mission to automate security and compliance for small and medium-sized businesses.

SecureTeam

SecureTeam

SecureTeam are a UK-based information security practice, specialising in all areas of cybersecurity.

Tenchi Security

Tenchi Security

Tenchi Security are specialized in Third-Party Cyber Risk Management (TPCRM) and aim to reduce information asymmetry when it comes to third and Nth-Party security and compliance risk management.

SecureFlag

SecureFlag

SecureFlag is dedicated to enhancing secure coding across all technical profiles within the Software Development Lifecycle.