election cybersecurity

Tag Archive

National: Ransomware feared as possible saboteur for November election | Eric Tucker, Christina A. Cassidy and Frank Bajak/Associated Press

Federal authorities say one of the gravest threats to the November election is a well-timed ransomware attack that could paralyze voting operations. The threat isn’t just from foreign governments, but any fortune-seeking criminal. Ransomware attacks targeting state and local governments have been on the rise, with cyber criminals seeking quick money by seizing data and holding it hostage until they get paid. The fear is that such attacks could affect voting systems directly or even indirectly, by infecting broader government networks that include electoral databases. Even if a ransomware attack fails to disrupt elections, it could nonetheless rattle confidence in the vote. On the spectrum of threats from the fantastical to the more probable, experts and officials say ransomware is a particularly realistic possibility because the attacks are already so pervasive and lucrative. The FBI and Department of Homeland Security have issued advisories to local governments, including recommendations for preventing attacks. “From the standpoint of confidence in the system, I think it is much easier to disrupt a network and prevent it from operating than it is to change votes,” Adam Hickey, a Justice Department deputy assistant attorney general, said in an interview. The scenario is relatively simple: Plant malware on multiple networks that affect voter registration databases and activate it just before an election. Or target vote-reporting and tabulation systems. Read More

National: Study finds election officials vulnerable to cyberattacks | Maggie Miller/The Hill

Election administrators across the country are vulnerable to cyberattacks that originate through malicious phishing emails, a report released Monday found. The report, compiled by cybersecurity group Area 1 Security, found that over 50 percent of election administrators have “only rudimentary or non-standard technologies” to protect against malicious emails from cyber criminals, with less than 30 percent using basic security controls to halt phishing emails. The study also found that around 5 percent of election administrators use personal emails, which are seen as less secure than government emails, and some election administrators use a custom email infrastructure known to have been targeted by Russian military hackers during prior elections. Email phishing is a key way hackers infiltrate networks, with hackers attempting to trick individuals into clicking on malicious links or attachments or providing sensitive information in other ways that allows the hacker to access a network. Area 1 Security noted that 90 percent of cyberattacks begin with a phishing email. Read More

National: Ransomware continues to be election-security fear for local officials | Benjamin Freed/StateScoop

The 2020 presidential election has already been upended by a disastrous pandemic that’s forced states to re-evaluate the methods by which people will vote this year. But election administrators, especially at the local level, must still contented with digital threats, like ransomware attacks, that could potentially disrupt voting infrastructure and create chaos on or after Nov. 3, county officials were warned last week during a webinar. The hourlong event, hosted by the National Association of Counties, laid out what a ransomware attack could do to a county’s ability to safely and accurately carry out an election. Ryan Macias, a former technology specialist with the federal Election Assistance Commission who is now an election security consultant to the Department of Homeland Security, laid out a pair of unsettling scenarios. “Picture it being National Voter Registration Day, Sept. 22, and your entire voter registration database is locked up,” he said. “Picture [on Nov. 3] that you’re getting to 8 p.m., close of polls, and you see a message that says: ‘Your system is locked up and you have no results for this election unless you pay us a ransom.’” Read More

National: Racing the Clock on Election Security | John Breeden II/Nextgov

Believe it or not, there are less than 100 days before the next presidential election. And in addition to picking a president, most of us are also voting for scores of federal, state and local officials as well. In addition to all of that, we have the COVID-19 pandemic which has many voters rightly concerned for the safety of both themselves and election workers. To compensate, many states are modifying the way that people are voting, both in-person and remotely. And this could open states up to new or unexpected cyber threats and physical challenges. A perfect example of a physical challenge occurred during the recent primary election in New York. The New York Daily News reports that one in five absentee ballots cast in New York City were rejected for technical reasons. That’s over 100,000 votes that didn’t get counted. On the cybersecurity side, the Wall Street Journal reports that less than 20% of election officials nationwide have anti-phishing protection on their email, and many are using personal email addresses for official election board business. While there is no direct connection between email and the voting machines themselves, it does present a window that enterprising attackers could use to try and manipulate the election. Read More

Colorado: Official details plans for penetration testing of election systems | Benjamin Freed/StateScoop

The Colorado secretary of state’s office said Tuesday it is partnering with the security firm Synack to conduct penetration tests of its election systems ahead of the presidential vote. In an interview with StateScoop, Trevor Timmons, the chief information officer for Secretary of State Jena Griswold, said Synack’s team of white-hat hackers will poke and prod the agency’s election infrastructure, including the statewide voter registration database and Griswold’s office’s main website. “We need to know [vulnerabilities],” Timmons said. “We’ve got enough time that if they found anything we’d be able to respond to them.” Timmons said Synack will be focusing on anything that’s “internet-connected.” While Colorado is one of five states where nearly all voters cast ballots by mail, the penetration tests will also include electronic poll books at physical precincts for people who choose to vote in person. Colorado has used penetration testers to review its election systems before, Timmons said, including services offered by the U.S. Department of Homeland Security and other private companies. But he also said that Synack, which has offered its services to election officials in previous cycles, is providing these tests on a pro bono basis as part of an expansion into the election space. Read More

North Macedonia: Prosecutors investigate SEC software procurement after hacker attack | bne IntelliNews

North Macedonia’s Public Prosecution Office has launched a pre-investigation procedure over the procurement of software for election purposes by the state election commission (SEC) after its website was hacked following the July 15 vote, media reported on July 28. The election platform of the SEC was brought down by unknown hackers immediately after voting in the snap general election ended at 9pm on July 15. This prevented journalists and other interested people from monitoring the election results, which were announced with a huge delay a day after the election. Public prosecutors entered the SEC premises and seized the entire tender documentation to check the legality of the procurement of the software for the election results following media reports, 24mk reported. The president of the SEC Oliver Derkovski confirmed that prosecutors seized the documentation, but underlined that the procurement was legal. Read More

National: There’s so much unjustified hype and hope about online voting | Susan Greenhalgh and Michael Fernandez/The Fulcrum

The coronavirus pandemic has upended everyone and everything, creating a new normal: living over the internet. Members of the House who fear the health risks of coming to the Capitol have even been permitted to transmit electronically their votes for legislation. But this shouldn’t be seen as any green light for states to consider online voting in our elections. Unlike Congress, which has insisted that transparency be central to its first-ever foray into proxy voting, the American electoral system relies on the citizens’ choices remaining secret. A ballot cast over the internet could be undetectably manipulated by hackers. House members’ remote votes are public record, delivered in writing and then announced verbally during each roll call, so any attempted hacking would be easily exposed. To keep voters safe during the Covid-19 outbreak, many states are making it easier to vote by mail and thereby avoid close contact at polling places. Their plans must also include adequate accommodations for disabled voters, But any proposal that we move to online voting is contrary to the evidence. Architects of the internet and cybersecurity warn that online voting is still inherently insecure. Read More

National: Senior intelligence official warns Russia, Iran, China targeting U.S. elections | Maggie Miller/The Hill

A senior intelligence official within the Office of the Director of National Intelligence (ODNI) on Friday warned that Russia, Iran and China were attempting to sway the 2020 elections. William Evanina, the director of the National Counterintelligence and Security Center, noted that the ODNI had been regularly briefing members of Congress, presidential campaigns and political committees on these foreign threats to elections “in recent months.” “Foreign nations continue to use influence measures in social and traditional media in an effort to sway U.S. voters’ preferences and perspectives, to shift U.S. policies, to increase discord and to undermine confidence in our democratic process,” Evanina said in a statement on Friday. “The coronavirus pandemic and recent protests, for instance, continue to serve as fodder for foreign influence and disinformation efforts in America.” He warned that “at this time, we’re primarily concerned with China, Russia and Iran — although other nation states and non-state actors could also do harm to our electoral process. Our insights and judgments will evolve as the election season progresses.” Evanina said that China is using influence efforts to “shape the policy environment” in the United States, and was conscious that these efforts could “affect the presidential race.” Read More

National: Election Officials Are Vulnerable to Email Attacks, Report Shows | Robert McMillan/Wall Street Journal

Many of the thousands of county and local election officials who will be administering November’s presidential election are running email systems that could leave them vulnerable to online attacks, a new report has found. Cybersecurity vendor Area 1 Security Inc. tracked more than 12,000 local officials and determined that over 1,600 used free or nonstandard email software that often lacks the configuration and management protection found with large cloud-service providers. More than half of the officials used email systems with limited protection from phishing attacks, Area 1 said. The findings underscore problems with the country’s diverse, locally administered election system that attracted the attention of state-sponsored hackers four years ago. In 2016, Russian hackers targeted dozens of election systems in the U.S. and breached two counties in Florida. And while security officials and election officials say that much has been done to improve the security of these systems, email could be another avenue of incursion, especially for attackers looking to disrupt or undermine confidence in the November election, according to Oren Falkowitz, Area 1’s chief executive. Often, all it takes for a cyber intrusion is a single software bug or misconfigured system, Mr. Falkowitz said in an interview. “When you run your own service and you don’t partner with someone to professionally manage it, it means you have to be perfect every single day,” he said. “That’s really hard.” Read More

National: Cybersecurity Experts Caution Against Calls to Expand Online Voting | Aila Slisco/Newsweek

Calls for an expansion of online voting are being met with concern from cybersecurity experts who caution that votes could be easily manipulated if the practice is widely adopted. West Virginia Secretary of State Mac Warner has recently called for states to expand online voting for overseas military members and people with disabilities that prevent them from voting in person without assistance. West Virginia is one of several states that allow online and mobile voting for overseas military and this year expanded the practice to include disabled people, with 180 voting in a pilot program during the June primary, including 25 disabled people. In 2018, the state was the first to offer voting using a mobile app for service members, with 144 using the technology to vote in that year’s general election, according to a report from the Military Times. In Georgia’s DeKalb County, lawmakers last month called for online voting to become available for all voters throughout the state, according to The Champion. Similar calls have been made by officials and advocates in other states, along with prominent figures like former presidential candidate Andrew Yang, who tweeted about the issue last week. However, cybersecurity experts caution that online voting could present major threats to the integrity of elections since ballots transmitted online are especially vulnerable to attacks from hackers. Limited online voting has been experimented with for years in the U.S., and used on a larger scale in a handful of other countries, but experts say that vulnerabilities are inevitably found in systems when they are examined closely. Read More

National: Democrats say Trump election czar isn’t telling the whole story about Russian interference | Ken Dilanian/NBC

The Trump administration’s election security czar issued a rare statement describing foreign efforts to interfere in the 2020 election Friday. Democrats labeled it misleading, saying it failed to convey the scope of Russia’s interference and how its messaging matches that of President Donald Trump. With just over 100 days until the November election, the statement came from Bill Evanina, a career FBI agent who serves as the top counterintelligence official in the Office of the Director of National Intelligence. Evanina has been given the task of coordinating what to tell Congress and the public about foreign political interference. American adversaries are “seeking to compromise the private communications of U.S. political campaigns, candidates and other political targets,” Evanina said in Friday’s statement, and they “also seek to compromise our election infrastructure, and we continue to monitor malicious cyber actors trying to gain access to U.S. state and federal networks, including those responsible for managing elections.” “In addition, foreign nations continue to use influence measures in social and traditional media in an effort to sway U.S. voters’ preferences and perspectives, to shift U.S. policies, to increase discord and to undermine confidence in our democratic process,” Evanina said. “The coronavirus pandemic and recent protests, for instance, continue to serve as fodder for foreign influence and disinformation efforts in America.” Read More

National: Microsoft Makes Azure Compatible with Election Security Sensors | Phil Goldstein/StateTech Magazine

With a little more than 100 days before the general election on Nov. 3, state governments, nonprofits and technology companies are increasing their efforts to enhance election cybersecurity. In late June, Microsoft announced a partnership with the nonprofit Center for Internet Security, which runs the Elections Infrastructure Information Sharing and Analysis Center. Microsoft has made its Azure cloud platform compatible with election network security sensors from CIS. Separately, CIS launched a pilot program with several states to test and verify voter registration databases, election night reporting systems and other systems. Taken together, they represent increased election security efforts. However, time is running out before Election Day, making it urgent for state and local governments to put new enhancements in place sooner rather than later. Read More

North Macedonia: Russia denies interfering in North Macedonia’s July 15 general election | Valentina Dimitrievska/bne IntelliNews

Accusations of Russian interference in North Macedonia’s July 15 snap general election are “absurd”, Russian foreign ministry spokesperson Maria Zakharova told a news conference on July 23. Many anonymous audio recordings were revealed during the pre-election campaign, compromising politicians from both the ruling SDSM and the opposition VMRO-DPMNE. There were also a series of hacker attacks around election day, including against the State Election Commission (SEC) website. However, no official accusations have been levelled at Moscow in connection to the vote. Zakharova commented on the election in response to a journalist’s question, and accused Western politicians of hypocrisy and a “cynical use of double standards”. “It was not difficult to notice a series of video messages posted by senior Western politicians during the election campaign in North Macedonia that openly and persistently called on people to vote for one or another party. Against the background of this foreign interference, speculations about certain Russian influence are absolutely unfounded and completely absurd,” Zakharova said. The election resulted in a slim victory for the SDSM, which won only two more seats in the parliament than VMRO-DPMNE, making the formation of a new cabinet difficult. Read More

United Kingdom: ISC Attributes Cyber-Attacks and Election Interference to Russia | Dan Raywood/Infosecurity Magazine

Russia has been named as a “highly capable cyber-actor” by the UK government’s Intelligence and Security Committee. Claiming that “the UK is one of Russia’s top Western intelligence targets,” particularly given the UK’s firm stance against recent Russian aggression and the UK-led international response to the 2018 Salisbury attack, the ISC warned that Russia’s intelligence services are disproportionately large and powerful and are able to act without constraint. This has allowed a fusion between state, business and serious and organized crime making Russia an all-encompassing security threat. In terms of the cyber-threat, the ISC report stated that Russia employs organized crime groups to supplement its cyber-skills and carries out malicious cyber-activity in order to assert itself aggressively with democratic interference having “undertaken cyber pre-positioning on other countries’ Critical National Infrastructure.” The report claimed: “Given the immediate threat this poses to our national security, we are concerned that there is no clear coordination of the numerous organizations across the UK intelligence community working on this issue; this is reinforced by an unnecessarily complicated wiring diagram of responsibilities amongst Ministers.” Read More

National: As November Looms, So Do Cybersecurity Concerns for Elections | Adam Stone/FedTech Magazine

The action related to the hotly anticipated primary election season was expected to last for months. With dozens of Democratic candidates still on the ballot for the first primary in New Hampshire, social media taking an active role in campaigning and the threat of foreign influence on the election playing out, election officials were keenly aware of the need to keep the elections secure. Heightened public interest came to a near halt in early March — when former Vice President Joe Biden essentially nailed down the Democratic nomination on Super Tuesday, and the COVID-19 pandemic sent voters home and delayed primaries — but cybersecurity experts remain on high alert as they look to November. When voting patterns get disrupted, the bad actors who watch U.S. elections closely may seek to sway the outcomes, either by tampering with systems or by chipping away at public trust, they say. “This is a highly scrutinized space,” says Geoff Hale, director of the Election Security Initiative at the Cybersecurity and Infrastructure Security Agency, part of the Department of Homeland Security. “Anything that goes wrong can be used to undermine confidence in the institution.” Read More

National: Election officials praised for sharing information, knocked for sharing passwords | Benjamin Freed/StateScoop

State and local election officials have done a “tremendous” job reporting information about potential cyberthreats during the 2020 cycle, a senior Department of Homeland Security official said Tuesday. But some, particularly at the city and county level, are also still in the unfortunate habit of not changing default passwords on new equipment or even sharing credentials, Matt Masterson, a senior adviser at DHS’s Cybersecurity and Infrastructure Security Agency, told the National Association of Secretaries of State online conference. “CISA has observed instances where several people in election-related offices having been sharing passwords over e-mail or default passwords are being used,” read one of the slides Masterson shared. Still, Masterson praised the actions that states’ top election officials have taken over the past few years to secure their network infrastructure and increase the amount of information they share with their counties and with federal entities like CISA, especially through organizations such as the Election Infrastructure Information Sharing and Analysis Center. “We really have a much better picture of the election landscape,” he said. “We’re much more likely to feel a tremor in the Force now compared to 2016.” Read More

National: The future of voting probably still requires a paper backup | Andrew Marino/The Verge

The week on our Vergecast interview series, cybersecurity journalist Kim Zetter talks with The Verge’s Nilay Patel and Russell Brandom about the state of election security in the United States. The circumstances of a pandemic in an election year has complicated the voting process. In an analysis by NPR, it was found that thousands of mail-in ballots for the 2020 primaries were rejected because of late arrival, even in cases where the voter sent it in on time. In the 2020 Iowa caucus, paper backups of ballets needed to be relied upon after an app that was created to tally the votes started giving error messages. Zetter says if we’re going to use computers and software to count votes in an election, there also needs to be another system in parallel to secure the outcome. “You need to have the paper backup,” she says. “You need to have an auditing mechanism in place and an auditing law in place. And then you need the resources given to election officials for this process to succeed by November.” Read More

National: Joe Biden is putting the Kremlin on notice about election interference | Joseph Marks/The Washington Post

Democrats are sounding alarms about foreign election interference and pledging to punch back hard against Russia or any other adversary that undermines U.S. voting. In his most expansive statement to date on the subject, presumptive Democratic presidential nominee Joe Biden pledged to “leverage all appropriate instruments of national power and make full use of my executive authority to impose substantial and lasting costs on state perpetrators [of election interference]” if he wins the White House. “I am putting the Kremlin and other foreign governments on notice,” the former vice president said. “If elected president, I will treat foreign interference in our election as an adversarial act that significantly affects the relationship between the United States and the interfering nation’s government.” Democratic leaders in Congress, meanwhile, publicly released a July 13 letter to FBI Director Christopher Wray suggesting Congress itself is being used as a tool to “launder and amplify” foreign disinformation about the election. The letter didn’t specify how that’s happening but a congressional aide said the claim is based on intelligence information included in a classified addendum to the letter. The letter demands a briefing for all members of Congress. on the threats. It was signed by House Speaker Nancy Pelosi (D-Calif.), Senate Minority Leader Charles Schumer (D-N.Y.), House Intelligence Chairman Adam Schiff (D-Calif.) and Sen. Mark Warner (Va.), top Democrat on the Senate Intelligence Committee. Read More

New York: Board of Elections Gears Up for Cyberattacks on November Elections |David Uberti/Wall Street Journal

New York state is training election officials on cybersecurity measures this week in the latest attempt to shore up voting systems before November. The state’s Board of Elections began a series of exercises Tuesday to simulate potential attacks on local governments such as disinformation campaigns, malware targeting voting machines and the disruption of systems that store voter registration data. The training is aimed at improving collaboration between county boards of elections and information-technology departments, said John Conklin, a spokesman for the New York State Board of Elections. “There’s a little bit of tension there,” he said. “The county boards are in a much better position now than they were in 2016, and even 2018.” County election and IT officials, along with third-party vendors that supply software or other support to governments, are participating in the workshops. They comprise one prong of New York’s strategy to protect the integrity of the vote. The Board of Elections also has produced a risk assessment for each of the state’s 62 counties, created an elections task force to monitor potential threats and provided annual cybersecurity training to local officials since 2018. Read More

Australia: Support grows for an Australian active cyber defence program | Stilgherrian/ZDNet

Tuesday’s industry advisory panel input into Australia’s long overdue 2020 Cyber Security Strategy is a grab-bag of ideas, but what jumps out at your correspondent is its support for active cyber defence (ACD). ACD has been at the centre of the UK government’s cyber defences since 2016. It aims to raise the cost and risk of mounting commodity cyber attacks while reducing the return on investment for criminals. The National Cyber Security Centre (NCSC) has deployed anti-spam defences across the .gov.uk domains and is monitoring internet routing to stop DDoS attacks and route hijacks. It’s been remarkably transparent about its progress, and it’s also led to some big wins. While the NCSC is concerned primarily with government networks, telcos and private-sector organisations are able to plug in. The UK’s program is “a best practice model for Australia to emulate”, according to Australia’s cyber industry advisory panel. “The panel strongly supports the increased use of threat blocking for low-sophistication threats,” they wrote. Support for blocking threats at scale was the highest among those on the front lines of the battle against cybercrime — particularly financial institutions.” Read More