2020 Election Cybersecurity: Protecting U.S. elections against cybercrime

Written by Dan Rafter for NortonLifeLock

 

The campaign to protect the upcoming 2020 U.S. election against cybercrime is on. Among the cybersecurity threats facing the presidential election year: ransomware and foreign interference. Here’s a look at cybersecurity issues surrounding the upcoming 2020 election.

 

How ransomware could threaten the 2020 U.S. election

A look back at election hacking in 2016

Potential threats to paperless voting

How ransomware could threaten the 2020 election

Ransomware has become a real threat to governments and, potentially, to future elections.

Hackers launched 169 ransomware attacks on government agencies from 2013 through the first four months of 2019, according to cybersecurity firm Recorded Future.

Typically, the cybercriminals will infect the computers of government agencies before demanding that they pay a ransom for an encryption key that will free their locked files and records.

The frequency of these attacks appear to be on the rise. Recorded Future found evidence of 46 ransomware attacks on government agencies in 2016, 38 in 2017, and 53 in 2018. During the first four months of 2019, though, Recorded Future found reports of 21 attacks.

The threat of ransomware looms large now as the U.S. gets closer to the 2020 election. There’s fear that cybercriminals could deploy ransomware attacks to disrupt voting in states across the nation.

How ransomware could disrupt voter databases

Cybersecurity experts — including the highest-ranking cybersecurity official at the U.S. Department of Homeland Security — worry that cyber criminals could use ransomware to lock up the voter registration databases maintained by states. That’s according to a September 2019 analysis published in The Washington Post.

If this happens, state election officials would not be able to verify that people are voting in the right districts or even if they are eligible to vote.

This isn’t an empty threat. As the Post reported, Russian hackers in the 2016 elections targeted voter registration databases. That was one of the key revelations in a report filed by former special counsel Robert Mueller.

Why are these databases so vulnerable? They’re often connected to the Internet, making them an easier target for cybercriminals and nation state hacking groups.

The Cybersecurity and Infrastructure Security Agency — part of the Department of Homeland Security — has developed a major initiative to work alongside local election officials to help protect voter registration databases against ransomware.

The Agency is also working with thousands of voter jurisdictions across the U.S. on cybersafety measures to take ahead of election season.

A look back at election hacking in 2016

The attempts of hackers to influence the 2016 presidential election generated plenty of headlines. The actual hacking, though, got its start before 2016, with CNN reporting that the FBI first contacted the Democratic National Commitee in September 2015 to warn that at least one of its computers had been accessed by Russian hackers.

In November of that same year, according to CNN, the FBI reached out to the Democratic National Committee a second time, warning the Committee that one of its computers was sending information back to Russia.

In March 2016, though, the hackers got their big break. That’s when John Podesta, chairman of Hilary Clinton’s election campaign, received a phishing email with a link that directed Podesta to a page where he could change his password. Podesta asked a staffer from the campaign’s help desk if he should trust the email. The staffer made a typo, typing that the email was legitimate instead of illegitimate. Podesta then went to the page to change his password, which gave hackers access to his email messages, according to CNN.

In June of the same year, the Washington Post reported that hackers with the Russian governent stole oppositional research on Donald Trump from the Democratic National Committee’s computer system. The hackers were able, too, to read the emails and online chats of Committee staffers.

Right before the Democratic National Convention in July 2016, WikiLeaks published nearly 20,000 emails stolen from the Democratic National Committee’s server. This included messages from the organization’s chair, Debbie Wasserman Schultz, suggesting that the organization favored Clinton over her Democratic opponent, Bernie Sanders.

In July 2018, the U.S. Justice Department indicted 12 members of Russian intelligence agency GRU as part of Robert Mueller’s investigation. As CNN reported, the indictment says that the Russians hacked the emails and computer networks of the Democratic party during the 2016 presidential campaign.

Potential threats to paperless voting

It might seem that paperless voting machines are the wave of the future. But cybersecurity experts worry that voting machines that don’t leave a paper trail could be especially vulnerable to hackers.

In August 2019, news site Politico held an online discussion with cybersecurity reporter Eric Geller and voting security expert and University of Michigan professor J. Alex Halderman.

The biggest concern raised during this event? Halderman said voting systems that are connected to the internet are vulnerable to hackers. He said it took him and his students about 48 hours to gain full control and change the votes of an online voting system built for Washington, D.C.

The smart move? Halderman recommended moving to voting systems that use paper ballots. This might seem like a step backward, but it is believed that paper ballots would be less likely to be hacked.

Halderman said he testified to Congress in 2019 that it would cost about $370 million to implement paper ballots in every U.S. jurisdiction that doesn’t have them. Once the paper ballots are in place, it has been reported that it would cost less than $25 million a year to audit federal elections.

To help protect elections against cybercriminals, Halderman and Geller recommended that every federal election be conducted with paper ballots. They also recommended a requirement that every federal election should be subjected to a risk-limiting audit to confirm that computer totals match the paper ballots. Finally, Halderman and Geller recommended the establishment of federal cybersecurity standards for election administration, including requirements to follow security best practices for security voter registration systems, election management systems, and outcome reporting systems.

Resource Center