Hackers Target Election Systems in 20 US States


The US government has formally accused Russia of hacking the Democratic party’s computer networks and said that Moscow was attempting to “interfere” with the US presidential election.

The Russians have every reason to sabotage the Democratic candidate. Her opponent, Donald Trump, is more pro-Russia than any previous presidential candidate.  

As far back as 2007, Trump was telling CNN that Russian President Vladimir Putin was doing a “great job.” In 2013, Trump tweeted: “Do you think Putin will be going to The Miss Universe Pageant in November in Moscow, if so, will he become my new best friend?” In 2015, Trump told MSNBC that Putin was a real leader, “unlike what we have in this country,” and that reports of Putin killing political opponents didn’t bother him, “Well, I think our country does plenty of killing also,” he said.

Trump repeatedly says he would “get along very well with” Putin. In return Putin has praised Trump as “bright and talented.” Trump positively glows as he repeats reports that “Putin likes me.”

The Trump-Russia links beneath the surface are even more extensive, as Franklin Foer has shown in Slate. Trump has sought and received funding from Russian investors for his business ventures, especially after most American banks stopped lending to him following his multiple bankruptcies. 

Trump’s de facto campaign manager, Paul Manafort, was a longtime consultant to Viktor Yanukovich, the Russian-backed president of Ukraine who was overthrown in 2014. Manafort also has done multimillion-dollar business deals with Russian oligarchs.

Hillary Clinton and US officials have blamed Russian hackers for stealing more than 19,000 emails from Democratic party officials, but this announcement marked the first time that the Obama administration has pointed the finger at Moscow.

Based on the scope and sensitivity of these efforts, that only Russia’s senior-most officials could have authorized these activities,” said the office of the director of national intelligence and the Department of Homeland Security (DHS) in a joint statement.

The accusation marked a new escalation of tensions with Russia and came shortly after the US secretary of state, John Kerry, called for Russia to be investigated for war crimes in Syria.

Vladimir Putin’s spokesman dismissed the accusation as “rubbish.”

“Every day Putin’s website gets attacked by several tens of thousands of hackers. A lot of these attacks are traced to the territory of the USA, but we do not blame the White House or Langley each time,” he told the Interfax news agency.

The White House declined to say whether the formal attribution would trigger sanctions against Russia.

The US agencies said that some US states had detected attempts to breach their election systems, and that most of those attempts originated from servers operated by a Russian company. “However, we are not now in a position to attribute this activity to the Russian Government,” the statement said.

The agencies said that the “decentralised nature” of the US voting systems, as well the lack of connectivity between voting machines themselves, would protect against Russian-sponsored electoral tampering. 

But they urged states across the country to seek additional cybersecurity aid from the DHS. Recently, the homeland security secretary, Jeh Johnson, said that 21 of the 50 states in the US had sought to improve cybersecurity at the voting booth thus far.

How does a Hack happen?

The question on the mind of many voting security experts is not whether hackers could disrupt a US election. Instead, they wonder how likely an election hack might be and how it might happen.

First of all, there are technology challenges, more than 20 voting technologies are used across the country, including a half dozen electronic voting machine models and several optical scanners, in addition to hand-counted paper ballots.

But the major difficulty of hacking an election is less a technological challenge than an organisational one, with hackers needing to marshal and manage the resources needed to pull it off, election security experts say. And a handful of conditions would need to fall into place for an election hack to work.

Many US voting systems still have vulnerabilities, and many states use statistically unsound election auditing practices, said Joe Kiniry, a long-time election security researcher.

The US Department of Homeland Security is urging state and local election officials to seek assistance from the federal government to fend off cyberattacks that could be used to manipulate the results of the November presidential elections.

The agency is ready to provide any assistance to help states secure their systems, if they request it, Jeh Johnson, the secretary of homeland security, said in a statement recently. Threats are rising that criminals will use cyberattacks to try to disrupt the administration of US elections, the agency said.

“These challenges aren’t just in the future, they are here today,” Johnson said in the statement. “In recent months, malicious Cyber-actors have been scanning a large number of state systems, which could be a preamble to attempted intrusions. In a few cases, we have determined that malicious actors gained access to state voting-related systems.”

There have been hacking attempts on election systems in more than 20 states, far more than had been previously acknowledged, a senior Department of Homeland Security official has told NBC News on late September.

The "attempted intrusions" targeted online systems like registration databases, and not the actual voting or tabulation machines that will be used on Election Day and are not tied to the Internet.

The DHS official described much of the activity as "people poking at the systems to see if they are vulnerable."

"We are absolutely concerned," the DHS official said. "The concern is the ability to cause confusion and chaos." 

Only two successful breaches have been disclosed, both of online voter registration databases, in Illinois and Arizona over the summer. While those two hacks were linked to hackers in Russia, the DHS official did not say who was responsible for the other failed attempts, noting that "we're still doing a lot of forensics.” Meanwhile, intelligence officials tell NBC News there is now "no doubt" the Russian government is trying to influence the election.

Classified material, prepared for briefings of Donald Trump and Hillary Clinton and examined by NBC News, reveals that officials have drawn "direct links" between Vladimir Putin's government and the recent series of hacks and leaks. The secret material confirms what lawmakers on the Senate and House Intelligence Committees said they had concluded recently, based on briefings they received.

"At the least, this effort is intended to sow doubt about the security of our election and may well be intended to influence the outcomes of the election, we can see no other rationale for the behavior of the Russians," Sen. Dianne Feinstein and Rep. Adam Schiff, said in a statement.

For weeks, American officials have been saying that Russian intelligence agencies were behind hacks into the DNC, state election databases and other political entities, but they weren't definitive about the motive since nations routinely hack into their adversaries' political organisations to gather information for spying purposes.

Here are three Election Hacking Scenarios:

1.    An attack on DREs that depends on physical access in the weeks leading up
to the election.

This attack would involve hackers actually infiltrating election teams or depending on poor physical security surrounding voting machines. In the years of the DRE rush following the 2000 election, many voting security experts showed a host of vulnerabilities that depended largely on physical access to the machines.

This is a potential attack vector that would likely involve a fairly large number of sneaky conspirators who don’t get caught.

Given all those potential problems, this attack is probably unlikely. It’s an "unsophisticated version" of an election hack, said Free and Fair's Kiniry.

2.    An attack on DREs during software updates.

This is a more likely scenario than No. 1. While DREs aren’t supposed to be connected to the internet during an election, many DRE models get software updates through network connections.

A lack of an internet connection on Election Day does not make DREs "immune to internet hacking," because of their election management systems [EMSes], Jones said. A "clever hacker" could inject malware into DREs during the process used to load ballots and other election configuration information, he said.

The basic pre-election checks in many states might not find the malware, he added. "Malware can be made that triggers only on the first Tuesday after the first Monday of November in an even-numbered year," he said. "Malware can be made to trigger only if the polls are open for longer than six hours. Malware can be made to trigger only if the machine is used by more than 25 voters."

Unplugging DREs from the Internet is a "red herring," Kiniry added. "The threat vectors on DREs and similar equipment -- as shown many times by security researchers -- are manifold," he said. "Installing malware in an EMS over the 'Net and then having that EMS infect a ballot definition file written on a USB stick or DVD is totally a thing."

3.    Finally, the goal of some hackers may be to raise doubts about the election results, instead of swinging the election for one candidate.

This is the scariest potential attack because the hackers would need to compromise just one election system in one jurisdiction, and it wouldn't need to be in a swing state or affect the outcome of the election.

With recent attacks on the Democratic National Committee, some US law enforcement authorities have accused Russian hackers of trying to influence the election. Republican Trump has suggested that if he loses in November, the election will be "rigged."

A close election is needed for hackers "only if you are looking to actually change the outcome," Kiniry said. "If all you want to do is cast doubt on the outcome, it doesn't matter if it is a landslide for Clinton or a squeaker for Trump, you just do a hack or two and reveal it to the media after-the-fact."

Hackers could also tamper with election registration lists to raise questions, Jones added. Or they could release forged emails that make it appear the election was hacked.

"If I were Vladimir Putin or the kind folks in North Korea, I wouldn't really care who won the election, what I'd want to do is delegitimise the election," he added. "To do that, you don't need to successfully hack it, you just need to create the widespread impression that it has been hacked."

Information-Management

 

« Cyber Security & The US Presidential Race
What Does Brexit Mean For British Data Privacy? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Verimuchme

Verimuchme

Verimuchme is a digital wallet and exchange platform to secure, verify and re-use personal information.

Cyberbit

Cyberbit

Cyberbit empowers cybersecurity teams to be fully prepared with a product portfolio ready to detect and respond effectively across both IT and OT networks.

Ikarus Security Software

Ikarus Security Software

Ikarus focuses on antivirus and content-security solutions.

Labris Networks

Labris Networks

Labris Networks specializes in DDoS mitigation, NG Firewall, Unified Threat Management, Centralized Management, Regulatory Compliances and SOC/CERT Services.

Cyberlitica

Cyberlitica

Cyberlitica provides a Workforce Threat Intelligence application that significantly augments companies’ cyber threat prevention efforts.

Government Communications Security Bureau (GCSB)

Government Communications Security Bureau (GCSB)

GCSB contributes to New Zealand’s national security by providing information assurance and cyber security to the New Zealand Government and critical infrastructure organisations.

Excelerate Systems

Excelerate Systems

Excelerate Systems is a leading provider of IT services with a focus on Big Data, Cloud Services and Security.

Marvell Technology Group

Marvell Technology Group

Marvell is a semiconductor company providing solutions for storage, processing, networking, security and connectivity.

PeopleSec

PeopleSec

PeopleSec specializes in the human element of cybersecurity with a comprehensive set of services designed to maximize your security by educating your workforce as a whole.

24By7Security

24By7Security

24By7Security are Cybersecurity & Compliance Specialists with extensive hands on experience helping businesses build a defensive IT Infrastructure against all cyber security threats.

Cygenta

Cygenta

Cygenta brings a new approach to cybersecurity. We understand that true security means having digital, human and physical security working in harmony.

Meditology

Meditology

Meditology Services is a top-ranked provider of information risk management, cybersecurity, privacy, and regulatory compliance consulting services exclusively for healthcare organizations.

ProLion

ProLion

ProLion provides Data Integrity solutions that ensure organisations’ data remains secure, compliant, manageable and accessible.

Anterix

Anterix

Anterix is focused on empowering the modernization of critical infrastructure and enterprise businesses by enabling private broadband connectivity.

CV-Library

CV-Library

Start your job search with 216,931 live UK vacancies on award-winning CV-Library. Register your CV and find local jobs near you today!

Ever Nimble

Ever Nimble

Ever Nimble are award-winning experts in IT support, cybersecurity, and cloud technology. Our proactive approach will enhance your security and protect you from cyber security threats.