America has begun preparing itself for any cyberattacks the country’s voting system might face during the presidential elections in 2020. The U.S. government intends to run a program that centres around securing voter enrolment databases and IT systems ahead of the next presidential race.
The Cybersecurity Infrastructure Security Agency or CISA, a division of the Homeland Security Department fears the databases could specifically be targeted by ransomware attacks, a kind of malware that has crippled IT networks across the United States in the past few years, including recently in Texas, Baltimore and Atlanta. Ransomware attacks can potentially freeze governments out of voting data at the most critical moments, cause data loss and delays to undermine the legitimacy of the elections themselves.
“Recent history has shown that state and county governments and those who support them are targets for ransomware attacks. That is why we are working alongside election officials and their private sector partners to help protect their databases and respond to possible ransomware attacks,” said Christopher Krebs, CISA’s director.
And it’s not just the authorities which have expressed concerns. A public opinion study observed that a majority of US citizens said they were bothered that voting systems might not be guarded against hackers. In response to such security threats, the US Congress allocated a total of $425m for election-related spending, including security measures for 2020 elections to improve infrastructure and better coordinate to harden election systems.
In the last few years, we have seen how state-sponsored hackers can have disruptive effects on a global level. This is even more critical for local governments in smaller cities who may not have adequate IT infrastructure and expertise to tackle advanced attacks like ransomware. A ransomware attack typically locks an infected computer system until payment, usually in the form of cryptocurrency, is sent to the hacker. The malicious code executed in these cases can bring about data loss, render systems inoperable, and cripple device functions.
One such major incident happened recently at Texas wherein the Department of Information Resources (DIR) reported as many as 23 state-run departments — including police offices and libraries that were disrupted by ransomware malware. The Texas security event is one of a kind in that it was one of the first organised ransomware attacks to hit the US.
The Alleged Foreign Meddling
The US Senate Intelligence Committee announced after its research concluded that election systems in all 50 states were targeted by Russia in 2016, although there is no evidence that the hackers were able to successfully alter voting data.
The Committee brought to light that there have been incidents of hacking particularly in Illinois and Arizona which may have been directed by Russian intelligence, further stating “an unprecedented level of activity against state election infrastructure”. Apart from this, the Mueller investigation claimed that VR systems, a voting technology vendor in the state of Florida was targeted by Russian hackers who placed malware on its network.
In another instance, Massachusetts-based threat intelligence firm Recorded Future found, at any rate, there were 169 ransomware episodes focusing on state and local government since 2013, with 21 of them revealed just in the first quarter of 2019. The high prevalence of ransomware attacks has alarmed US officials about the upcoming elections as electoral databases may prove to be objects of interest for both private and state-sponsored hacking groups.
Home » US Rushes To Protect Itself Against Russian Hackers Ahead Of 2020 Elections
But why are voting systems in the US so much vulnerable against cyberattacks from foreign actors? Computer security researcher, Matt Blaze gave his perspective on the election security during his testimony to the US House of Representatives. Matt said, “The IT and security administration of election management computers varies widely from jurisdiction to jurisdiction. In the best cases, there may be a full-time staff devoted to securing and managing election computers and networks. In a more typical case, computer security is relegated to the general county IT staff, which may have only limited resources relative to the threat. In all cases, however, even the best defensive cybersecurity resources of a local county are of only limited value against a foreign state adversary.”
Tackling Cyber Threats Against Voting Systems
A program by Cybersecurity and Infrastructure Security Agency (CISA) is intending to connect with state authorities to get them ready for any further ransomware attacks. CISA has created guidelines to enable organisations to constrain harm, and recover smartly in case there is a further attack.
The guidelines specified on the website cover things related to backing up of data and configurations, updating and patching systems, incident response plan, network monitoring tools. As part of the program, CISA will also support remote computer penetration testing and vulnerability scans.
A spokesperson for the CISA told CSO Online that the agency has witnessed substantial improvements in security over the past couple of years. This happened after the agency implemented access control in place, including such as multi-factor authentication, intrusion detection systems, as incident identification and response to strengthen election security.
Provide your comments below
If you loved this story, do join our Telegram Community.
Also, you can write for us and be one of the 500+ experts who have contributed stories at AIM. Share your nominations here.
Vishal Chawla is a senior tech journalist at Analytics India Magazine and writes about AI, data analytics, cybersecurity, cloud computing, and blockchain. Vishal also hosts AIM's video podcast called Simulated Reality- featuring tech leaders, AI experts, and innovative startups of India. Reach out at email@example.com