Federal and local authorities in the US have been dealing with all kinds of hacker attacks, including Ransomware, over the past few years, while not all of them were successful, several successful incidents might have a great impact on the US if they happen on the eve or the day of the November election, AP says, citing several government officials and advisories by federal agencies.
Officials admit that their concerns pertain not only to alleged attempts by other states to hack into critical US systems, but even to attempts by ordinary criminals, who often seek to earn money by demanding a ransom for encrypted government data held "hostage". The news agency brings up a December 2019 report by a cybersecurity firm, Emsisoft, saying that some 966 government entities had been attacked in recent years, leading to a loss of data, including medical and police records. Local American authorities are facing such hacker attacks on a "daily basis", Geoff Hale, a top election security official with Homeland Security told AP.
While hitting police databases is one thing, hacking systems relevant or close to the voting process in the US around the November election is quite another the news agency points out. Such an attack doesn't even have to be directed at altering the votes - the simple fact of such a thing happening can undermine confidence in the voting and hence the election results, one of the interviewees explained.
"From the standpoint of confidence in the system, I think it is much easier to disrupt a network and prevent it from operating than it is to change votes", Justice Department deputy assistant attorney general, Adam Hickey, said.
There are several systems that could be severely affected by the actions of cybercriminals, the AP stresses, and such attacks could vary in terms of impact depending on a state's approach to this year's election. States that favour in-person voting may suffer if their voter registration databases are hit, rendering them unable to verify if a person is eligible to cast a ballot. This type of voting is more susceptible to hacker attacks, Daniel Castro, vice president of the Information Technology and Innovation Foundation, believes, indicating that an intrusion into e-pollbooks could result in longer queues at ballot stations as well as lead to delays in tallying the vote.
The electronic voting machines used in the US could also fall victim to hacker attacks, Matthew Hickey, a security researcher and co-founder of the cyber-security firm Hacker House, indicates. He explains that most such machines are prone to suffering attacks that originate in their supply chain or come from the country's electoral authorities, adding that Hacker House's team has actually managed to run malware on such a machine, turning a tool of the democratic process into a video game arcade.
States, which despite criticism by President Donald Trump, allow mail voting in November might, in turn, face major trouble if their systems for vote tallying or reporting results are hacked, AP points out.
The attack might not even target voting systems. Since modern malware is highly capable of spreading across interconnected networks it might jump from a non-directly relevant system with hacker not even knowing what they are hitting, Justice Department official Adam Hickey said. The balloting networks themselves are also vulnerable especially with all the pressure the electoral system is facing in light of the fallout from the coronavirus pandemic.
"I'm more worried that those people who are working extra hours and working more days, the temporary staff that may be brought in to help process the paperwork, that all this may create a certain malaise or fatigue when they are using tools like email", chief information officer for the secretary of state, David Tackett, said suggesting that fatigued or inexperienced personnel might fall victim to so-called spearphishing attacks.
Still, it doesn't mean that the hackers will be able to easily tarnish the November vote, if they manage to at all. The FBI and Department of Homeland Security have already issued an advisory, cited by AP, which shows local authorities how to avoid attacks and how to mitigate damage from them, for example, by separating voting-related networks from other ones.
Some authorities are also drawing on their 2016 experience, the news agency said, and are taking steps to not only prevent a successful hack, but also to restore their operations quickly if they fail to do so. One such step is the creation of redundant voter registration databases stored in separate secure locations, ready to be pulled in case the main database is trashed by some ransomware virus.
However, some pundits doubt that these precautions will come in handy in the November election, questioning the notion that ransomware attacks might target balloting systems. While they do profit from hijacking data and releasing it in exchange for payment, it is unclear why they would bother spending their efforts on seemingly less effective attacks on electoral cyber systems, Dr Binoy Kampmark, senior lecturer at the School of Global, Urban and Social Studies at RMIT University, Australia, wonders. He argues that these criminals are aware of more effective methods of making ransom money and election-related networks hardly "fit the traditional target sample".
"To see it used in an electoral context will be something new and not necessarily effective. Who would benefit? Why use such methods when others would be far more effective? […] Given its traditional use in commercial and individual contexts, why ransomware would be used in the context of voting or election results is a big question", Kampmark concludes.