by Tim Korso
Worries about purported foreign meddling in America’s democratic processes are now being supplemented by concerns that the increased stress on the electoral system this year might allow criminals with less sophisticated tools to attack critical voting-related networks.
Federal and local authorities in the US have been dealing with all kinds of hacker attacks, including Ransomware, over the past few years, while not all of them were successful, several successful incidents might have a great impact on the US if they happen on the eve or the day of the November election, AP says, citing several government officials and advisories by federal agencies.
Officials admit that their concerns pertain not only to alleged attempts by other states to hack into critical US systems, but even to attempts by ordinary criminals, who often seek to earn money by demanding a ransom for encrypted government data held “hostage”. The news agency brings up a December 2019 report by a cybersecurity firm, Emsisoft, saying that some 966 government entities had been attacked in recent years, leading to a loss of data, including medical and police records. Local American authorities are facing such hacker attacks on a “daily basis”, Geoff Hale, a top election security official with Homeland Security told AP.
While hitting police databases is one thing, hacking systems relevant or close to the voting process in the US around the November election is quite another the news agency points out. Such an attack doesn’t even have to be directed at altering the votes – the simple fact of such a thing happening can undermine confidence in the voting and hence the election results, one of the interviewees explained.
“From the standpoint of confidence in the system, I think it is much easier to disrupt a network and prevent it from operating than it is to change votes”, Justice Department deputy assistant attorney general, Adam Hickey, said.
There are several systems that can be heavily affected by the actions of cybercriminals, AP stresses, and such attacks might vary in impact depending on a state’s approach to this year’s election. Those states that favour in-person voting might suffer if their voter registration databases are hit making them unable to verify if a person is eligible to cast a ballot. States, which despite criticism by President Donald Trump, allow mail voting in November might, in turn, face major trouble if their systems for vote tallying or reporting results are hacked, the news agency points out.
The attack might not even target voting systems. Since modern malware is highly capable of spreading across interconnected networks it might jump from a non-directly relevant system with hacker not even knowing what they are hitting, Justice Department official Adam Hickey said. The balloting networks themselves are also vulnerable especially with all the pressure the electoral system is facing in light of the fallout from the coronavirus pandemic.
“I’m more worried that those people who are working extra hours and working more days, the temporary staff that may be brought in to help process the paperwork, that all this may create a certain malaise or fatigue when they are using tools like email”, chief information officer for the secretary of state, David Tackett, said suggesting that fatigued or inexperienced personnel might fall victim to so-called spearphishing attacks.
Still, it doesn’t mean that the hackers will be able to easily tarnish the November vote, if they manage to at all. The FBI and Department of Homeland Security have already issued an advisory, cited by AP, which shows local authorities how to avoid attacks and how to mitigate damage from them, for example, by separating voting-related networks from other ones.
Some authortities are also drawing on their 2016 experience, the news agency said, and are taking steps to not only prevent a successful hack, but also to restore their operations quickly if they fail to do so. One such step is the creation of redundant voter registration databases stored in separate secure locations, ready to be pulled in case the main database is trashed by some ransomware virus.