CISA Reports No Significant Attacks On US Elections

Following early warnings of the threat of interference from malicious foreign hackers in advance of this week's US House and Senate elections the US election processes continues to be a target of interest for malicious actors. 

Now, the Cybersecurity and Infrastructure Security Agency (CISA) has confirmed there were a number of cyber attacks on State and local election websites during the 2022 midterms. 

Reassuringly, however, those early warnings have been heeded by the local-level government agencies responsible for running the elections and no significant harm has been identified. 

“Election systems that house voter registration information or manage non-voting election processes continue to be a target of interest for malicious threat actors,” says CISA's report. However, there has been no specific or credible threat to disrupt election infrastructure or Election Day operations. “We’ve seen no activity that should cause anyone to question the security, integrity or resilience of our election infrastructure,” said a senior CISA official said. 

In Mississippi, the secretary of state’s website, which serves as a digital resource for election-related information and is not involved in vote tabulations, was temporarily inaccessible after experiencing “an abnormally large increase in traffic volume due to DDoS activity,” the office said in a statement. These were attempts to disrupt access to websites and servers by overwhelming them with manipulated online traffic, often through the use of bots or a network of hijacked computers. 

“We want to be extremely clear and reassure Mississippians our election system is secure and has not been compromised,” the Mississippi secretary of state’s office confirmed. 

CISA worked closely with state and local jurisdictions to help officials detect and stop cyber-attacks and threats made against election management and 14 states used cyber teams to help secure voting systems. This cyber security work has been successful for this election, as CISA has said it was only “checking a handful” of jurisdictions.

CISA:    NextGov:      DefenseOne:    Cyberwire:       The Record

You Might Also Read: 

The Personal Data Being Used To Get Your Vote:

 

« The Reality Check For Small & Medium Businesses
Why Are Businesses Still Falling Victim To Ransomware? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

WEBINAR: How To Build And Implement An Effective Endpoint Detection And Response Strategy

WEBINAR: How To Build And Implement An Effective Endpoint Detection And Response Strategy

Join this webinar to learn how the cloud threat landscape is evolving and organizations are deploying more advanced and capable security controls at scale.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Atkins

Atkins

Atkins is a market-leading design, engineering and project management consultancy operating in fields ranging from infrastructure, through energy and transport to cybersecurity.

Wizard Computing

Wizard Computing

Wizard Computer Services is a full service IT solutions provider that offers managed services, consultation, installation, and support to small and large businesses in New England.

National Cyber Security Centre (NKSC) - Lithuania

National Cyber Security Centre (NKSC) - Lithuania

NKSC is the main Lithuanian cyber security institution, responsible for unified management of cyber incidents, monitoring and control of the implementation of cyber security requirements.

Cryptus Cyber Security

Cryptus Cyber Security

Cryptus Cyber Security is an Information Security Training company providing advanced training and services to IT Professionals.

HyTrust

HyTrust

HyTrust specialises in security, compliance and control software for virtualization and cloud environments.

CSIS Security Group

CSIS Security Group

CSIS provide actionable threat intelligence, prevention, incident response and 24/7 managed security services.

Vaulto Technologies

Vaulto Technologies

Vaulto protects critical business processes that are conducted via the cellular network.

exceet Secure Solutions

exceet Secure Solutions

exceet Secure Solutions is your experienced specialist for Internet of Things (IoT), Heath Telematics, electronic signatures and timestamps and IT security.

Austrian Trust Circle

Austrian Trust Circle

Austrian Trust Circle is an initiative of CERT.at and the Austrian Federal Chancellery and consists of Security Information Exchanges in the areas of the strategic information infrastructure.

Phosphorous Cybersecurity

Phosphorous Cybersecurity

Phosphorus has fully automated remediation of the two biggest IoT vulnerabilities, out of date firmware and default credentials.

CertiPath

CertiPath

CertiPath create products and services that ensure the highest levels of validation for digital identities that attempt to access customers’ networks.

Research Institute in Secure Hardware and Embedded Systems (RISE)

Research Institute in Secure Hardware and Embedded Systems (RISE)

The UK Research Institute in Secure Hardware and Embedded Systems (RISE) seeks to identify and address key issues that underpin our understanding of Hardware Security.

SecureStream Technologies

SecureStream Technologies

SecureStream Technologies have built the IoT SafetyNet - the Network Security Analytics platform to Eliminate Security Threats, Guarantee Privacy, Ensure Compliance, Simply & Easily.

Lucidum

Lucidum

The Lucidum platform helps you assess risk and mitigate vulnerabilities by finding and correlating data from your security tech stack.

AccountabilIT

AccountabilIT

AccountabilIT is a full spectrum information technology services firm for enterprises with complex information technology needs seeking relief from those challenges.

ViewDS Identity Solutions

ViewDS Identity Solutions

ViewDS Identity Solutions develops innovative identity software including cloud identity management solutions, directory services, access and authorization management solutions.