U.S. Government Moves To Defend 2020 Election From State-Sponsored Cyberattacks
The U.S. Government is planning a move to protect voter registration databases and systems against cyberattacks including ransomware ahead of the 2020 election. According to Reuters, intelligence officials fear the databases may be targeted by nation state hackers, who will seek to “manipulate, disrupt or destroy” the data.
Get started on your cybersecurity degree at American Military University.
It comes after the systems used to validate voters’ eligibility were compromised in 2016 by Russian adversaries keen to influence the outcome of the election.
The systems were deemed to be a risk because they are one of the few pieces of election technology still connected to the internet, U.S. officials said.
Specifically, the Cybersecurity Infrastructure Security Agency (CISA) is concerned that databases could be targeted by ransomware, which encrypts data so it is unreadable until the victim pays the attacker–usually in cryptocurrencies such as Bitcoins.
Ransomware in the news
Ransomware has been a feature of several attacks on U.S. cities in recent months. In June, Florida City Riviera Beach paid out an astonishing $600,000 to ransom hackers that took over its systems a few weeks previously. More recently this month, a Texas Cyberattack took 23 government agencies offline.
The new U.S. government program focusing on protecting voter registration databases forms part of a wider initiative to identify the most likely attack vectors ahead of the 2020 presidential election. It is due to launch in about a month.
“Recent history has shown that state and county governments and those who support them are targets for ransomware attacks,” CISA director Christopher Krebs said. “That is why we are working alongside election officials and their private sector partners to help protect their databases and respond to possible ransomware attacks.”
The CISA program will include educational material as well as penetration testing and vulnerability scans. The material will include advice on how to prevent and recover from ransomware attacks.
Yet it won’t advise whether to pay the ransom when someone becomes a victim of this type of cyberattack. U.S. officials claimed this is because they are focused on preventing them from happening in the first place.
CISA election program: Is ransomware the right focus?
Cyberattacks such as ransomware are certainly a major threat, and manipulating election data could be devastating. However, some experts believe the focus of the plan is too narrow. Tim Erlin, VP, product management and strategy at Tripwire says it is “unfortunate” that the focus on protecting U.S. elections is “so narrow.”
“Ransomware has been in the spotlight lately, especially for government agencies. It’s a real concern, but it’s by no means the only issue for election security.”
Protecting the democratic process and infrastructure, while combating nation state level attacks to manipulate the voting public is “a daunting mission,” says Ian Thornton-Trump, security head at AMTrust Europe. He says “social media sock puppets that can amplify divisive messages in key targeted areas” make it very difficult to secure elections.
“You would think that meaningful changes would have been made after the report on Russian influence activity,” Thornton-Trump says. “Unfortunately, due to partisan politics, no legislation has been brought into law.”
Philip Ingram, MBE, a former colonel in British military intelligence, says the use and abuse of information “is the biggest threat we have today.”
“Marketeers and advertisers have been doing it for years. It’s been described as warfare; we have successfully used it and fallen for it in conflicts. But it is information and it is perception aimed at all of the senses.”
Thornton-Trump points out the difficulties in tackling disinformation and manipulation spread via social media. “The very foundations of our social relationships to friends, family and government are being manipulated at mass scale. The social constructs we live in are defined by technology.”
Nation state cyberattacks come from multiple vectors that also include infrastructure such as power grids. This saw the U.S. government last month launch an initiative to secure the SCADA based systems that underpin these using “retro” technologies.
There’s no doubt that nation states will continue to attempt to disrupt and influence by interfering with elections and attacking other critical elements that are connected to the internet. It requires a multi-pronged and in-depth approach: Let’s hope the government is doing far more behind the scenes.