The 2020 U.S. Presidential Election is the most talked about topic, even more than the last one. For both Republicans and Democrats, the stakes are higher while for some Americans, it is a now-or-never situation. The election is already under the scanner due to disinformation campaigns of voter fraud, mail-in ballot controversy and alleged meddling attempts by foreign governments. Now, the election officials are being targeted with suspicious email campaigns that could put the entire process in jeopardy.
The Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) issued an alert on Friday (October 23), saying that it had seen suspicious emails that impersonated election directors and disabled voters asking for ways to vote from home. Some emails even asked the recipient to click on an attached link to get a two-factor authenticated device. Officials started reporting the emails from October 15.
"Some of these emails were designed to mimic standard correspondence that election officials would expect to receive which increases the risk that an official might click a malicious link," the alert said according to the Wall Street Journal.
Spearphishing campaigns are not unusual and in recent times, the U.S. Department of Homeland Security's cybersecurity division and the Federal Bureau of Investigation (FBI) have warned against such emails. In 2016, the Democratic National Convention (DNC) was targeted with such a phishing campaign and leaked a vast amount of data. Even in 2020, both the Republicans and Democrats have been targeted with phishing emails imitating McAfee antivirus.
Such emails contain links to download a malware payload which would silently run in the background and collect data or encrypt files on a computer or network. However, in this case, the EI-ISAC did not observe any malicious links or attachments in the sampled emails. It also didn't find any links to state-backed operations or coordinated attacks. "While these phishing messages appear to be part of a widespread campaign, the source and motive remain unclear," the alert said.
Recently, the Director of national intelligence, John Ratcliffe, also revealed that state-backed Iranian and Russian stole sensitive voter information to target them. Investigations revealed that Iranian hackers imitated far-right group Proud Boys to send threatening emails to Democrat voters, asking them to vote for Republican nominee Donald Trump.
For the time being, the emails seem harmless but as seen in the past, local election officials are more vulnerable to such phishing attacks. Cybersecurity company Area 1 Security studied the email security of over 12,000 local election officials and observed that more than 50 percent of them had very little protection from phishing attacks.
The EI-ISAC was formed in 2018 to inform and educate election officials of cyber threats, especially suspicious emails, the most effective form of cyberattacks. As per reports, around 3.4 billion phishing emails are sent daily but most of them are blocked by spam filters of email clients. However, even after taking steps to mitigate the risks, EI-ISAC, which reports to Cybersecurity and Infrastructure Security Agency (CISA), Homeland Security's cybersecurity division, still finds officials clicking on suspicious links.
Thus, the EI-ISAC regularly issues alerts to officials, urging them to be careful and not click on suspicious links. This recent alert was also part of their awareness program, reminding election officials to stay vigilant amid a barrage of cyberattacks of late.