US Election Cybersecurity Increased As Cyber Threats Remain Strong

With just two days until the United States 2020 Presidential election day and a global pandemic continuing to cripple the world, President Donald Trump and former Vice President Joe Biden battle it out and the world is watching in anticipation. Who will win a seat in White House and play the role in shaping the global economy?

The intersection of technology and election interference as we near the historical election on Nov. 3 has been widely discussed. Previously malicious actors have attempted to undermine the nation’s democracy and as voters make their final decisions, cyber threats in the form of disruption and misinformation remain strong.

The cybersecurity challenges of the global pandemic have collided with the 2020 presidential election resulting in a surge of cyberattacks.

The Cybersecurity and Infrastructure Security Agency (CISA) has been committed with its ongoing efforts to protect the general election. Alexis Wales, the deputy associate director for CISA, says the organization has created a virtual hub where thousands of collaborators across the country share information about election-related attacks with the larger operation. The group has been actively educating the public on how to spot common tactics used by attackers on this CISA webpage.

VMware has released the results of its sixth global incident response threat report titled, “The Cybersecurity Tipping Point: Election, COVID-19 Create Perfect Storm for Increasingly Sophisticated Cyberattacks.”  The report states as the presidential election approaches, cybersecurity remains a top concern and nation-state attackers pose a significant threat. Drawing upon their security expertise – and in line with recent advisories from the Cybersecurity and Infrastructure Security Agency (CISA) 1 – 73% of respondents believe there will be foreign influence on the 2020 U.S. presidential election, and 60% believe it will be influenced by a cyberattack.

The report found online crime groups and their attacks have grown increasingly sophisticated and destructive – respondents reported that 82% of attacks now involve instances of counter incident response and 55% involve 'island hopping', where an attacker infiltrates an organization’s network to launch attacks on others within their supply chain.

“The disruption caused by COVID-19 has created a massive opportunity for criminals to restructure their businesses,” said Tom Kellermann, head of cybersecurity strategy at VMware Carbon Black.  “The rapid shift to a remote world combined with the power and scale of the dark web has fueled the expansion of eCrime groups. And now ahead of the election, we are at a cybersecurity tipping point, cybercriminals have become dramatically more sophisticated and punitive focused on destructive attacks,” adds Kellerman.

Cybersecurity and tech expert Chris Carter explains, “When you look at the state of the election process you must look at the intersection of technology and election interference. This really shows why modernizing databases is so important and how the U.S. can specifically protect voter information over the course of the entire election. No matter the election we must look into a universal clean database where we use homomorphic encryption to secure the database.”

For those readers unfamiliar with the term “homomorphic encryption” this is a method of encryption that allows computations and queries to be performed upon fully encrypted data, making it possible to analyze or manipulate encrypted data without decrypting it.

Carter explains, “Yes, the initial “Cleansing” as we call it in the information technology world, will take time and funding but once you have it clean and able to track for a safe and secure database the ability for all will keep our elections safe and secure.”

As a reference Carter cites the State of California where they have created an Office of Election Cybersecurity and Enterprise Risk Management.  He explains that California has one of the most strenuous voting system testing and certification programs in the country. Any new voting systems in California must receive certification and undergo months of testing, including functional testing, source code review, red team security testing that involves experts trying to “break into” the voting system, and accessibility and volume testing.

“Since 2016, they’ve [the State of California] conducted agency-wide security assessments and upgraded firewalls and servers in addition to rolling out 24/7 security monitoring tools. California requires every ballot to be either paper or have a voter-verifiable paper audit trail with election officials conducting a manual audit of a random 1% of ballots to ensure vote count machines are accurate. If the Federal Government would take this on we could have a secured and cyberattack free election.” says Carter.