Foreign Hackers Threaten US Election Security

Uploaded on 2020-10-07 in GOVERNMENT-National, FREE TO VIEW

The FBI and yhe US Cybersecurity and Infrastructure Security Agency (CISA) have issued an announcement to alert the public to the potential threat of foreign interference in reporting the 2020 US election results and other disinformation campaigns. According to these government agencies, foreign actors and cybercriminals will likely  create or alter websites, and share or create false social media content that discredits the electoral process and undermines confidence in US democratic institutions.

Due to the COVID-19 pandemic, postal ballots will be widely used in the elections this year, leaving officials with an incomplete vote on election night. Foreign threat actors will likely take advantage of this if it occurs.

State and local elections typically take several days to certify election results, ensuring that every vote cast legally has been included in the results. Foreign actors and cybercriminals could use this time gap to their advantage, releasing fake reports that claim voter suppression, cyberattack targeting election infrastructure, ballot fraud, or other issues that it claims occurred to undermine the election’s legitimacy. 

The US government agencies are urging Americans to take extra care in ensuring the legitimacy of their information and seeking multiple sources.

One example recently is where voters and election administrators who emailed Leanne Jackson, the clerk of rural Hamilton County in central Texas, received bureaucratic-looking replies. “Re: official precinct results.” But Jackson didn’t send the messages. Instead, they came from Sri Lankan and Congolese email addresses, and they cleverly hid malicious software inside a Microsoft Word attachment. By the time Jackson learned about the forgery, it was too late. Hackers continued to fire off look-alike replies. Jackson’s three-person office, already grappling with the coronavirus pandemic, ground to a near standstill.

The type of malware deployed against Hamilton, called Emotet, often serves as a delivery mechanism for later ransomware attacks, in which swindlers commandeer a victim’s computer and freeze its files until a ransom is paid. Emotet tricks users into clicking on plausible-looking messages and following phony instructions that in reality disable security settings in Microsoft Office. If successful, the ruse allows the malware to hijack the victim’s email conversations and send phony replies from bogus accounts. Malware attached to the messages is primed for a new set of targets automatically selected from the victim’s inbox, further spreading the infection.

US officials have expressed concern that those attacks, which have paralysed government agencies, police departments, schools and hospitals, could potentially disrupt the election.

Harvard’s Belfer Center for Science and International Affairs, which specializes in establishing best practices for political campaigns and election officials, said in a February 2018 report that election officials should “create a proactive security culture.” For political campaigns, the group suggested using cloud-based email and office software, which are more likely to neutralise threats like Emotet before they reach a user’s inbox. Experts said smaller governments with fewer resources should heed that advice.

The county’s email system lacks two-factor authentication, a standard protection involving a second means of verifying a user’s identity. It also hasn’t implemented DMARC, a system that helps organisations and businesses confirm that emails sent from their addresses are authentic.

The FBI and CISA urge the American public to critically evaluate the sources of the information they consume and to seek out reliable and verified information from trusted sources, such as state and local election officials. The US public should also be aware that if foreign actors or cyber criminals were able to successfully change an election-related website, the underlying data and internal systems would remain uncompromised.

IC3:     ProPubica:        DefenseOne:      ProgExas:      KXXV:      GCN:      Oodaloop:

You Might Also Read:

Chinese Hackers Spying On US Government Agencies:

 

« Is Slack Secure For Your Business?
Social Media Campaigns Designed To Disrupt US Election »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Red Hat

Red Hat

Red Hat is a leader in open source software development. Our software security team proactively identifies weaknesses before they become problems.

IABG

IABG

IABG offer independent, product-neutral consulting as well as technical and scientific services for the use of safety-relevant systems and technologies.

Lynx Technology Partners

Lynx Technology Partners

Lynx Technology Partners is a full service, full life-cycle risk-based security consulting firm.

IBA Security

IBA Security

IBA Security is a center of competence consolidating the cybersecurity expertise of the IBA Group.

GreyCortex

GreyCortex

GreyCortex uses advanced artificial intelligence, machine learning, and data mining methods to help organizations make their IT operations secure and reliable.

Fiserv

Fiserv

Fiserv offers a wide array of Risk & Compliance solutions to help you prevent losses from fraud and ensure adherence to regulatory and compliance mandates.

neoEYED

neoEYED

neoEYED helps banks and fintech to detect and prevent frauds using a Behavioral AI that recognizes the users just by looking at “how” they interact with the applications.

CoursesOnline

CoursesOnline

CoursesOnline.co.uk is a database listing IT security courses from providers across the UK.

MillenniumIT ESP (MIT ESP)

MillenniumIT ESP (MIT ESP)

MillenniumIT ESP provides solutions and services around Core Infrastructure, Cloud, Cyber Security, Enterprise Applications, Intelligent Automation and Data, Smart Buildings, and Managed Services.

Almond

Almond

Almond is positioned as a key independent French player in audit and consulting in the fields of Cybersecurity, Cloud and Infrastructure.

BluescreenIT (BIT)

BluescreenIT (BIT)

BluescreenIT is an IT Security Consultancy and IT and Cyber Security Training company supporting industry, local authorities, MoD and governmental IT departments.

Cyber Management Alliance

Cyber Management Alliance

Cyber Management Alliance is closing the divide in cyberspace by bringing together the best qualities of thought leadership and operational mastery of cyber security management.

BCyber

BCyber

BCyber is a Swiss Cyber Security company that provides security products, training, and managed services to protect diverse IT and OT environments against cyber, physical, and cyber-physical threats.

Nuance Communications

Nuance Communications

From revolutionizing the doctor-patient relationship to reinventing the way brands connect with their customers, Nuance technology helps organizations push the boundaries of what’s possible.

Bastion Networks

Bastion Networks

Bastion are a security-focussed managed solution provider and consultancy. We work with advanced cyber security vendors to produce managed security solutions to protect from online threats.

Secure Blink

Secure Blink

Secure Blink provides automated application and API security solutions that empower developers and security engineers to protect critical assets from exploitation.