The Americans are gearing up for their most awaited event of the year, which is the 2020 Presidential election. From President Donald Trump to the 77-year-old Michael Bloomberg from Democratic Party, all the presidential nominees have started their election campaigns in the US. But researchers fear a cybersecurity threat as they have already warned that the risk of data exfiltration had elevated the ransomware threat to crisis level.
While the last election in 2016 was all about Russian hacking and disinformative campaigns, researchers believe that there would be a possibility of foreign interference to disrupt the electoral process and potentially impact the results. In 2020, the security experts believe that the election interference may come in the form of a different type of cyberattack which could be a ransomware attack.
US election under cyber threat?
In a new report, published by security company Emsisoft, the researchers mentioned that the use of outdated operating systems by-election jurisdictions, widespread disregard for cybersecurity practices among local governments and low levels of public faith in the integrity of the election system have created a perfect scenario for ransomware attacks, which has been rising in the US. These attacks will disrupt the election process and can undermine the public's confidence in the result, said the experts.
The researchers believe that the threat actors could use ransomware to manipulate the 2020 election process by attacking county-level entities and lower-level election officials who may not have the resources to maintain robust anti-ransomware practices.
The cyberattacks could potentially disrupt local voting infrastructure, stifle access to information, leak voter data and ultimately undermine public trust in the election system during what is expected to be a highly contentious presidential race.
The risk factors
As per the report over a quarter of local governments did not know how frequently they were attacked. The researchers said that almost 60 percent of attacks were ransom-related but less than half of local governments had a "very good" or "excellent" ability to recover from such attacks. Fewer than half of respondents said that they catalogued or counted attacks, said Emsisoft.
It should be noted that over 15 percent of institutions did not have a security policy plan or disaster recovery plan in place and 30 percent had not conducted a security risk assessment in the last three years, while 38 percent reported not encrypting sensitive information.
A massive amount of the 10,000+ election jurisdictions in the US rely on Windows 7 or an older operating system to run the election. As reported by Federal Times as of July 2019, 31 percent of federal civilian agency computers were still running on Windows 7. Here it should be mentioned that the tech giant has already decided to end support for this version of Windows which means and all the users of Windows 7 have been receiving notification for over a year.
What will happen if hackers hit the US election?
While talking to the threat analyst at Emsisoft, Brett Callow told IBTimes Singapore that
A ransomware attack on a local government during the election period could result in confusion and delays, limit officials' ability to perform their duties, diminish the public's confidence in the integrity of the election and, perhaps, even invalidate the result. Local governments are falling victim to ransomware attacks at a rate of one every other day, so this is a very real risk and we again urge governments to act immediately to bolster their security.
But there should be a defence mechanism to combat such threats. As per Lavi Lazarovitz, group research manager at CyberArk Labs election security is a hot topic for democracies everywhere. He told IBTimes Singapore that beyond the ballot box tampering, it's important to consider the broader impact of disruption and disenfranchisement. Lazarovitz also stated that-
Attackers have repeatedly demonstrated skill at causing disruption – when it comes to impacting democracy, we could see disruption come in many – even seemingly disconnected – forms. We've considered the impact of stalling major transportation systems – like buses and trains – in major metropolitan areas that could keep citizens from safely getting to the polls. A sequencing of these attacks that impact core infrastructure – halting transportation, shutting down the electrical grid or launching an attack on voter registration databases – can have a domino effect and impact the ability for the voting system to operate consistently with trust and reliability.