Thursday, December 1, 2022

U.S. agencies on high alert for cyber attacks as midterm elections approach

As much of the western world anxiously awaits the U.S. midterm elections on Nov. 8, political rhetoric and irresponsible media coverage are amping up.

While ill-informed (or ill-intentioned) media reporters and editors continue to use phrasing such as “baseless”, “bogus” and “false claims” – and perhaps the favourite: “conspiracy theories” – to describe any insinuation that it is possible that a U.S. election could be tampered with significantly, sensible humans are simply hoping for a fair fight while acknowledging that there are legitimate threats to the democratic process.

Election tampering has happened in the past, and it will happen again.

Of course, false and exaggerated claims are also part of the political/media landscape. It is more important than ever that consumers of media reports seek trustworthy sources, and avoid accepting important information without critical thought. Finding trustworthy news sources is a daunting task these days, but we at BIG Media Ltd. will continue to do our best to provide accurate news with integrity and transparency.

Government agencies in the U.S. are on high alert for good reason, as threats to the integrity of the coming election are many and varied.

As reported by Josh Meyer in USA Today:

There are three primary avenues cyber adversaries can use to hack a U.S. election: targeting voter registration, voting machines and voters themselves.

One method of cyber tampering with the vote count is to alter or delete voters aligned with a particular political party, so that “when people showed up to vote, they would be turned away because they either weren’t listed or their IDs didn’t match the rolls,” said Suzanne Spaulding, a former top Department Homeland Security official who headed the agency’s election security efforts. “That could cause chaos that would undermine trust in the process.”

In 2016, Russian cyberwarriors from the GRU military intelligence agency hacked voter registration databases in two Florida counties by sending phishing emails to county officials responsible for administering the election, federal authorities have said. That enabled the GRU to gain access to the network of at least one Florida county government, a Senate intelligence committee investigation later concluded. It said it found no evidence that vote tallies were altered or that voter registry files were deleted or modified, but noted that the committee’s and the overall U.S. intelligence community’s “insight into this aspect of the 2016 election was limited.”

While there are currently no indications of such activity this year, hackers could tamper with key databases such as voter registration rolls, shut down critically important websites such as local election-agency homepages or steal confidential voter information, according to F5 Labs, a threat intelligence and security firm.

Another hacking method is attacking voting machines.

Voting machine hacking has been a known issue for over 15 years. It was cited as a credible threat in former FBI director Robert Mueller’s special counsel report on the investigation into Russian interference in the 2016 presidential election, which said Russia’s GRU had also targeted state election offices and voting machine makers.

In all of these scenarios, though, federal, state and local election authorities have established layers of security measures and audit trails – including paper ballots and other backups – to help with detection and remediation.

The third avenue, and the one that most concerns many election officials, is using hacks and cyber attacks to deceptively influence voters. That includes creating or amplifying false narratives about particular candidates or, as Spaulding warns, about the integrity or fairness of the election itself.

In 2016, U.S. officials confirmed that Russia was trying to hack the actual infrastructure and machinery of U.S. elections in ways that went beyond what it was trying to do in Florida. That included targeting voter registration data in an attempt to block some constituencies from voting and, more broadly, to undermine confidence in the overall elections process.

Overall, Russia-linked hackers targeted election systems in at least 20 states, trying to penetrate online systems including registration databases – but not the actual voting or tabulation machines that were to be used on Election Day, which are usually not tied to the Internet.

At the time, a senior U.S. Department of Homeland Security (DHS) official described much of the Russian activity as “people poking at the systems to see if they are vulnerable.” Even so, he said, “we are absolutely concerned. The concern is the ability to cause confusion and chaos.”

Since then, election security agencies have invested significant time, resources and expertise to improve the security and resilience of U.S. election systems, according to the FBI officials, Spaulding, and other current and former election security officials. By 2018, the federal government designated election systems as part of U.S. critical infrastructure, which added additional levels of protection and funding.

After Iran, Russia, and other adversaries targeted the 2020 elections, federal authorities implemented another wave of improvements.

So far, in the run-up to the midterms, “there’s not a huge uptick that we can see in terms of probing or access or anything that would indicate their direct attacks yet” by Russia or other foreign adversaries, said Ronald Bushar, the Global Government chief technology officer at Mandiant, a threat intelligence firm that is advising U.S. government agencies and local governments on election cyber protection.

But Bushar told U.S. TODAY that election security officials are on red alert that Russia in particular might try to penetrate election systems, perhaps as payback for U.S. aid to Ukraine. “That’s their MO that we’ve seen before,” he said, citing past Kremlin hacks of U.S. critical infrastructure and other cyberattacks that created chaos and confusion.

Jen Easterly, the director of the Cybersecurity and Infrastructure Security Agency, or CISA, said recently there are no specific or credible threats regarding the cyber disruption of election infrastructure in the Tuesday elections. But she said federal cybersecurity officials remain concerned about “a very complex threat environment,” including potential efforts to interfere in the vote, both online and in person.

As such, CISA and other federal cybersecurity agencies have issued multiple warnings in recent weeks about election-eve threats, citing the prevalence of online extremism and fake and often maliciously circulated information about the strength of U.S. election security.

U.S. TODAY reported last week that China is stepping up its efforts to use cyber operations to influence the midterms, especially by creating false narratives online that undermine confidence in voting and in democracy itself.

More broadly, DHS and FBI officials have warned that Russia – and possibly Iran – are also seeking to spread disinformation about the elections in an effort to sow discord among Americans and undermine confidence in election integrity.

Such influence operations are nothing new. They were a central part of Russia’s meddling in the 2016 presidential election, which ranged from promoting false narratives about the election and even hacking into the computers of the Democratic National Committee and releasing stolen emails aimed at embarrassing the campaign of Democratic presidential candidate Hillary Clinton. In July 2018, the FBI charged 12 Russian military intelligence officers in that case.

Authorities said the Russian operatives used phishing attempts to gain access to campaign officials’ computers, and authorities have since worked with campaigns to bolster their defences against such attacks.

Iran was especially active in conducting such operations in the 2020 elections, U.S. intelligence agencies have concluded. Last November, the Justice Department charged two Iranian nationals for their part in allegedly targeting the 2020 election.

In the current election season, Iran has shown a continued willingness to “take advantage of election-integrity narratives that come up in the U.S. ecosystem,” one of the senior FBI officials said at the recent election security briefing.

Rob Driscoll
Rob Driscoll is co-founder and president of BIG Media Ltd. He is a writer and entrepreneur who is deeply committed to elevating the level of coverage of our society's most pressing matters as well as the level of respect in public discourse.

BIG Wrap

Encouraging study results bolster search for safer pain-relieving drugs

(University of Southern California) In a study published today (Nov. 30) by Nature, scientists from the University of Southern California, Washington University in St. Louis,...

Online learning during pandemic detrimental to teen mental health, school satisfaction, performance – UC Davis study

(University of California, Davis) The COVID-19 pandemic changed the social and school world for teens as virtual learning or hybrid learning became the norm...