Foreign Hackers Threaten US Election Security

Uploaded on 2020-10-07 in GOVERNMENT-National, FREE TO VIEW

The FBI and yhe US Cybersecurity and Infrastructure Security Agency (CISA) have issued an announcement to alert the public to the potential threat of foreign interference in reporting the 2020 US election results and other disinformation campaigns. According to these government agencies, foreign actors and cybercriminals will likely  create or alter websites, and share or create false social media content that discredits the electoral process and undermines confidence in US democratic institutions.

Due to the COVID-19 pandemic, postal ballots will be widely used in the elections this year, leaving officials with an incomplete vote on election night. Foreign threat actors will likely take advantage of this if it occurs.

State and local elections typically take several days to certify election results, ensuring that every vote cast legally has been included in the results. Foreign actors and cybercriminals could use this time gap to their advantage, releasing fake reports that claim voter suppression, cyberattack targeting election infrastructure, ballot fraud, or other issues that it claims occurred to undermine the election’s legitimacy. 

The US government agencies are urging Americans to take extra care in ensuring the legitimacy of their information and seeking multiple sources.

One example recently is where voters and election administrators who emailed Leanne Jackson, the clerk of rural Hamilton County in central Texas, received bureaucratic-looking replies. “Re: official precinct results.” But Jackson didn’t send the messages. Instead, they came from Sri Lankan and Congolese email addresses, and they cleverly hid malicious software inside a Microsoft Word attachment. By the time Jackson learned about the forgery, it was too late. Hackers continued to fire off look-alike replies. Jackson’s three-person office, already grappling with the coronavirus pandemic, ground to a near standstill.

The type of malware deployed against Hamilton, called Emotet, often serves as a delivery mechanism for later ransomware attacks, in which swindlers commandeer a victim’s computer and freeze its files until a ransom is paid. Emotet tricks users into clicking on plausible-looking messages and following phony instructions that in reality disable security settings in Microsoft Office. If successful, the ruse allows the malware to hijack the victim’s email conversations and send phony replies from bogus accounts. Malware attached to the messages is primed for a new set of targets automatically selected from the victim’s inbox, further spreading the infection.

US officials have expressed concern that those attacks, which have paralysed government agencies, police departments, schools and hospitals, could potentially disrupt the election.

Harvard’s Belfer Center for Science and International Affairs, which specializes in establishing best practices for political campaigns and election officials, said in a February 2018 report that election officials should “create a proactive security culture.” For political campaigns, the group suggested using cloud-based email and office software, which are more likely to neutralise threats like Emotet before they reach a user’s inbox. Experts said smaller governments with fewer resources should heed that advice.

The county’s email system lacks two-factor authentication, a standard protection involving a second means of verifying a user’s identity. It also hasn’t implemented DMARC, a system that helps organisations and businesses confirm that emails sent from their addresses are authentic.

The FBI and CISA urge the American public to critically evaluate the sources of the information they consume and to seek out reliable and verified information from trusted sources, such as state and local election officials. The US public should also be aware that if foreign actors or cyber criminals were able to successfully change an election-related website, the underlying data and internal systems would remain uncompromised.

IC3:     ProPubica:        DefenseOne:      ProgExas:      KXXV:      GCN:      Oodaloop:

You Might Also Read:

Chinese Hackers Spying On US Government Agencies:

 

« Is Slack Secure For Your Business?
Social Media Campaigns Designed To Disrupt US Election »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Micron Technology

Micron Technology

Micron is a global leader in the semiconductor industry providing memory and secure storage devices for Networks, Mobile devices and IoT applications.

Secardeo

Secardeo

Secardeo is a provider of corporate solutions using digital signatures and certificates. Our solutions enable the user transparent end-to-end encryption of e-mails between organizations.

DANAK

DANAK

DANAK is the national accreditation body for Denmark. The directory of members provides details of organisations offering certification services for ISO 27001.

HUB Security

HUB Security

Hub Security provide Ultra Secure, Military Grade HSM (Hardware Security Module) Solutions for Blockchain and Digital Assets.

PQShield

PQShield

PQShield are specialists in Post-Quantum Cryptography. We provide quantum-secure cryptographic solutions for software, software/hardware co-design and data in transit.

IT Band Systems

IT Band Systems

IT Band Systems is an international provider of IT products and services including web server monitoring and web security consulting.

Suridata

Suridata

Suridata’s SaaS Security platform enables organizations to secure the use of SaaS applications.

Redbot Security

Redbot Security

Redbot Security provides industry leading manual penetration testing. Protecting critical systems and data - red team attack and breach simulations, (OT) critical infrastructure testing.

Cyber Chasse

Cyber Chasse

Cyber Chasse is an IT consulting and staffing company offering a full range of cybersecurity solutions, contract staffing services and online training courses.

Training.com.au

Training.com.au

Training.com.au is a comparison website through which those looking to learn about different aspects of cyber security can compare learning courses from training providers from across Australia.

Breathe Technology

Breathe Technology

Breathe Technology has been providing Managed IT Support/ Service Desk, Cloud Services, Cyber Security & Communications to businesses and schools since 2003.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Advania UK

Advania UK

Advania are one of Microsoft’s leading partners in the UK, specialising in Azure, Security, Dynamics 365 and Microsoft 365.

ViCyber

ViCyber

ViCyber is an Australian based company whose mission is to simplify and strengthen cybersecurity for all businesses, irrespective of size.

Tria Federal

Tria Federal

Tria Federal is the premier middle-market Technology and Advisory services provider delivering digital transformation solutions to federal health and public safety agencies.

Neqst

Neqst

Neqst is an investment firm specialising in profitable growth companies within the Nordic software and IT-services sectors.