Are Elections Safe From Cyber Threats?

Cover Image

State-Sponsored Cyberattacks

Despite a recent drop in physical connections due to COVID-19, the world today is deeply interconnected via digital means. This makes it extremely unlikely for any two economically prosperous countries to engage in any sort of physical conflict, as it would result in far greater losses than gains. Conversely, for the very same reason, countries are investing more and more of their resources into the preparation of cyber conflicts. Cyber capabilities have become one of the most preferred defense and offense tools by nations around the world.

While military power is mostly for show, cyber capabilities are constantly put into active use to offend and influence a foreign power. State-sponsored cyberattacks are extremely effective at making immediate soft impacts, such as disrupting the operation of targeted governments and businesses, interfering with the political process of a targeted country, and generating distrust in a targeted society.

A country is most vulnerable during power shifts, making the election season a perfect time for state-sponsored attackers to achieve all these goals with minimal efforts. In this blog, we will explain the types of cyber risks on elections, and how they may affect the future of the democratic political system.


The Upcoming Presidential Election: Is the United States Ready?

The 2016 presidential election was reasonably the most controversial election in US history. Soon after the election, growing speculations on cyber interference from Russia triggered a long investigation led by the Federal Bureau of Investigation (FBI), supported by the Central Intelligence Agency (CIA) and the National Security Agency (NSA).

The two-year-long investigation resulted in the Mueller Report, which concluded that despite having no clear evidence suggesting that President Donald Trump was linked to the Russian operations, it was undeniable that the election results were to some extent influenced by Moscow.

Now with the 2020 federal election around the corner, many Americans are worried about another cyber interference. Microsoft announced in early September that they detected a number of cyberattacks targeting individuals and groups involved in the upcoming election, most of which belong to three state-sponsored groups — Strontium from Russia, Zirconium from China, and Phosphorus from Iran. Fortunately, most of the attacks were successfully detected and mitigated. In late October, Iran-sponsored hackers even sent out emails to left-wing supporters claiming that they had compromised the election infrastructure, and threatened them to vote for Donald Trump to avoid facing consequences.

As election campaigns increasingly rely on the Internet, a lot of new opportunities open up for state-sponsored hackers. Yet, is it really as bad as it seems? Are elections under threats?

Don’t worry just yet. Let’s take a look at some of the most common attacks directed at election campaigns.


Types of Cyber Threats on Elections and How to Prevent Them

Web Attacks and DDoS Attacks

Web attacks such as SQL injections and cross-site scripting are commonly used to exploit application vulnerabilities, in an effort to gain access to sensitive data stored in the web servers. These techniques can be used to target political campaign websites to access and exfiltrate their supporters’ personal information, which could be used for further phishing scams and for the spread of disinformation.

Apart from web attacks, distributed denial of service (DDoS) attacks are one of the most common cyberattacks today. By hijacking a massive botnet containing numerous IP addresses, DDoS attacks have the power to flood and impair websites and web services. When a DDoS attack is directed at the website of a political campaign at a critical time, it could considerably impact the results of an election.

The good news is that such attacks can be easily detected and stopped with adequate security measures. Penta Security’s WAPPLES, a web application firewall equipped with load balancing capability, can effectively protect websites from web attacks and DDoS, preventing data exfiltration and service disruptions. To learn more about WAPPLES, click here.


Phishing Attacks

Phishing attacks targeting political campaigns are used for a variety of purposes. Some may target directly at the candidates and their surroundings, such as election officials and administrators, for the purpose of gaining access to sensitive information on the candidates, which could lead to controversies at critical times. The 2016 Democratic National Committee (DNC) email leak is an example of this. At the time, Hilary Clinton’s campaign chairman John Podesta received a phishing email faking as Google, asking him to change his passwords. After falling into the malicious link, the hackers obtained access to nearly 20,000 emails and 8,000 attachments from the DNC, ending up in a series of controversies and biases regarding the involved candidates.

Other times, phishing attacks are used for making monetary gains. A common type would be campaign fundraising email scams that ask voters to donate for the candidate they support. Like any other phishing campaign, a political phishing campaign could also serve the purpose of infecting a victim’s computer with ransomware.

To stay prepared for phishing attacks, all staff members of a political campaign must be thoroughly educated on how to prevent themselves from falling into scams. Moreover, it is highly beneficial to use a database encryption solution like D’Amo to keep sensitive information safely encrypted in storage. To learn more about D’Amo, click here.


Ransomware Attacks

In recent years, ransomware has by far become the most popular attack method directed at governments and private organizations. When an organization’s internal systems are infected by ransomware, its databases would be locked and operations would be disrupted. If ransomware hits the election infrastructure, the voting process could be paralyzed. Fortunately, at the time of this writing, no ransomware has yet affected any of the voting infrastructures in elections around the world, thus the risk of ransomware on elections remains a theory.

Nevertheless, it is entirely possible for such a catastrophe to occur. Ransomware could possibly disrupt the voting registration, counting, and reporting processes, directly affecting the election. 

The good news is that every electoral district uses its own software, and thus it is impossible for an attacker to find a common software flaw that would infect the election infrastructure on a large scale. It would be close to impossible for attackers to go after each software flaw used by software programs in each region.


Disinformation Campaigns

A democratic system heavily depends on its citizens’ awareness and knowledge of the political and economic system, social trends and issues, as well as the policies of each candidate. A voting decision is made based on all this information combined. Thus, manipulating information would lead to poor judgments and decisions, resulting in a false representation of power.

Disinformation campaigns are mostly launched during the election campaign process, with social media as a commonly targeted platform. Fake news and inaccurate information are commonly spread through social media to provoke radical views and social polarization. With AI-enabled deep fake technology, the facial expressions and voice of politicians and celebrities could be studied to create fake videos from scratch.

Compared to other cyberattacks, disinformation campaigns are by far the biggest threat because there is no clear-cut solution to solve the problem. Nevertheless, social media providers are continuously working on better ways to mitigate the effects of such campaigns. Recently, Facebook and Twitter have both stepped in to tackle fake news circulating on their platforms as a means of protecting the election process. Adobe has gone a step further to test its secure watermark for Photoshop and Behance to add authorship data to the original works to prevent the generation of deep fake images and videos.


So, Are Elections Safe From Cyber Threats?

We believe yes. By tackling each of the threats carefully with adequate cybersecurity measures, the election process can be safely protected. Just like large enterprises and organizations, government institutions and electoral bodies should all make sure they have the latest software patches, adopt strong and robust cybersecurity measures, and train their staff members to be aware of cyber threats.


Keeping Calm is the Best Defense

Switching to another perspective, indeed, cyberattacks on elections are bad. However, what’s worse is the exaggeration of the impacts of cyberattacks on election results. In late September, the FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) warned the public that malicious groups are spreading disinformation about potential cyberattacks on election infrastructure. Exaggeration of cyber risks would cause just as much damage as the cyberattacks themselves because it slowly deteriorates the perceived trustworthiness of the election results, creating chaos in society.

Therefore, the ultimate answer to protecting democracy from cyberattacks is to stay calm, secure the vulnerabilities, and have trust in the system.


Check out Penta Security’s product lines:

Web Application Firewall: WAPPLES

Database Encryption: D’Amo

Identity and Access Management: ISign+ 

Car, Energy, Factory, City Solutions: Penta IoT Security