US election 2020: a cybersecurity challenge
October 30, 2020, by Juan Pérez-Bedmar
US presidential elections have become one of the major targets for cybercriminals. These are the cybersecurity threats public administration is facing.
We are a few days away from one of the biggest events in democracy: the US presidential election. This year, the number of voters is expected to set a new record. Election Day is November 3rd, but Americans have already started casting ballots, and 14 million votes were registered during the first 4 days alone, according to the US Election Project.
Although the first voters have had to wait in long queues, telematic voting will presumably be a lot more important this year due to COVID-19. This rise is accompanied by an increased risk of cyberattacks that endanger voters' personal data or even the voting result itself. US presidential elections have become one of the major targets for cybercriminals.
Cybersecurity fears: data theft and voter integrity
American public administrations have been preparing for cyberattacks on the voting system since the last election in 2016. At that time, Russian cybercriminals attacked 50 states, managing to access databases with information about voters' registrations. Data interception has become one of the main fears of the administration.
In the current election, several organizations, such as the Cybersecurity and Infrastructure Security Agency, have been working to install sensors to detect computer intrusions across the whole country. This will allow all 50 states and more than 2,500 local jurisdictions to obtain real-time information about cybersecurity threats.
However, cybersecurity professionals are not just worried about data theft. New concerns appear every day, and they are growing as Election Day gets closer. One of the most feared threats is a ransomware attack, in which malicious software blocks the victim's computer and demands a ransom (usually in bitcoin) to release it. Other feared attacks are the more recent spear-phishing (a type of phishing targeted at specific victims) and social engineering as a means to obtain passwords and confidential information that could give cybercriminals access to critical systems.
IoT (Internet of Things) systems are another potential attack vector. A remote attacker could compromise infrastructure to create an emergency situation on Election Day itself.
A ruined election
Some cybersecurity firms, such as Check Point, warn that cybercriminals are intensifying their efforts to interfere with the election process and results. According to them, the most frequent types of attack are:
- Denial of Service (DoS and DDoS), whose aim is to interrupt the voting
- Fake news, spread through email and propaganda with malicious intent
- Altering the voting through malware that spreads misinformation to cause confusion
- Information leaks about candidates through document theft
- Use of malicious sites that resemble the official URLs of legitimate election-related websites
- Vulnerabilities in the mailing systems of the county offices, which are responsible for registering voters and counting the ballots cast
According to Enrique Dominguez, cybersecurity expert from Entelgy Innotec Security, there are two ways of attacking an election:
- One is attacking voting mechanisms. Dominguez argues: “This sounds like science-fiction in Spain because we use very robust manual mechanisms, but it isn’t like that in countries like the US, where they have been using e-voting systems for decades.”
- The other is massively attacking companies with malware.
US federal administrations have for years been alerting all public organizations to the risk of cyberattacks against them. Many state public workers say they are much better prepared than in 2016 thanks to these continuous efforts.
How to combat administrative cyberattacks
Public administrations face sophisticated cyberattacks on a daily basis because they handle confidential and valuable information. According to the Spanish Observatory for Informatics Crimes (OEDI), more than 81,000 cybercrimes were committed in the country in 2018, and the figure keeps increasing year after year.
As simple as it may sound, just adopting basic security measures greatly decreases the risk. Examples of the measures that public administrations employ are:
- hosting websites on a secure server
- avoiding the installation of unofficial software
- keeping systems updated
- using long and complex passwords (and periodically changing them)
- making regular backups
- connecting only to known Wi-Fi networks
- defining different access roles and ensuring that only the necessary people have access to sensitive information
An example of digital administration is Estonia, the “Baltic Silicon Valley”. The country has fully digitalized its public administration and deployed a data management system, called X-Road, that is the pillar of the whole e-Estonia strategy. Estonia is probably the most digitally advanced society and has managed to unite the whole country electronically on one single platform, where information about citizens can be exchanged securely and efficiently among several private and public databases.
Nowadays, Estonians can access 99% of public services through the Internet, including voting (they were the first to have full electronic voting, in 2005). The basis of all this is both having proper cybersecurity policies in place and educating every citizen on the issues involved from a young age.