The 4 Threats Facing Voters This Election — and How You Can Beat Them

By Faith Karimi, CNN  –  October 20, 2020

As the US grapples with an election season rampant with mistrust and conspiracy theories, federal officials are warning Americans about threats to undermine the integrity of the vote — and how to avoid them.

Mail-in ballots, massive turnout and the pandemic could combine to delay the outcome of this year’s presidential election, providing a wide window for scammers and others to spread false information.

Social media is again populated by false election claims. Adding to the confusion, Microsoft says Russian, Chinese and Iranian hackers have targeted people and organizations involved in the election.

“A significant number of Americans appear susceptible to believing unproven claims,” Daniel A. Cox, director of the Survey Center on American Life and co-author of a report on US conspiracy theories, said in a statement. “Politically motivated conspiracy theories find a receptive audience among both Democrats and Republicans.”

Both the FBI and the Cybersecurity and Infrastructure Security Agency, which protects the nation’s infrastructure, have reassured voters that they’re working to protect the election’s integrity.

But the two agencies are urging Americans to keep an eye on the following threats:

False reports of leaked voter data

The stakes in this year’s election aren’t just high in the US. “Foreign actors” and cybercriminals may try to discredit the results by spreading disinformation, the FBI and CISA say. These false claims could include reports of ballot fraud, cyberattacks targeting election infrastructure, and other related issues that could make voters question whether the election is legitimate, federal officials say.

Hackers may also spread false reports that they obtained and leaked US voter registration data. But don’t worry, the feds say.

Hackers from Russia, China and elsewhere have tried to disrupt the US election, Microsoft says.

“In reality, much US voter information can be purchased or acquired through publicly available sources,” both federal agencies say. “While cyber actors have in recent years obtained voter registration information, the acquisition of this data did not impact the voting process or the integrity of election results.” Public leaks of voters’ information do occasionally happen. In 2017 the personal information of almost 200 million registered US voters was accidentally exposed online by a Republican analytics firm.  

Misleading online journals

Foreign governments have used pseudo-academic online journals to spread false information in the past. And they may use them again to try to influence the outcome of the election, the FBI says. Such fake online journals could express support for specific candidates, allege voter suppression, amplify reports of real or alleged cyberattacks on election infrastructure and assert voter fraud, federal officials say. Foreign actors employ social media and other online platforms to increase the journals’ global reach and give them credibility. “Such sites could be employed … to manipulate public opinion, increase societal divisions, cause widespread confusion, discredit the electoral process and undermine confidence in US democratic institutions,” the FBI and CISA say.  

Fake websites and email accounts

Cybercriminals have mastered the art of spoofing email domains. During elections, they use that to fool people into thinking that websites or emails are legitimate, federal officials warn. “Adversaries can use spoofed domains and email accounts to disseminate false information; gather valid usernames, passwords, and email addresses; collect personally identifiable information; and spread malware, leading to further compromises and potential financial losses,” the FBI says.

A federal agency conducts testing and certification of voting machines in the US.

These crooks set up fake domains by making small changes to words (“electon” instead of “election”). Or they masquerade as official government sources but use an alternative domain, such as a dot.com instead of dot.gov site. Even so, “if cybercriminals were able to successfully change an election-related website, the underlying data and internal systems would remain uncompromised,” the FBI and CISA say in a joint report.

Cyberattacks that slow election systems

Criminals also have tried to target election systems, federal officials say. While that can slow a system or make it temporarily inaccessible to election officials, it does not prevent voting or the reporting of results. “The FBI and CISA have no reporting to suggest cyber activity has prevented a registered voter from casting a ballot, compromised the integrity of any ballots cast, or affected the accuracy of voter registration information,” the agencies say in a statement.

An election worker feeds ballots into voting machines during an accuracy test at the Miami-Dade Election Department headquarters on October 14, 2020, in Doral, Florida.

“Any attempts tracked by FBI and CISA have remained localized and were blocked, minimal, or easily mitigated,” the agencies say. Federal officials say such attempts would be difficult to conduct undetected. And even if hackers did succeed in affecting voting, election officials say they have multiple safeguards and plans in place. They include provisional ballots so registered voters can cast ballots and paper backups.  

How to thwart these threats

The federal agencies are providing tips on how to beat these scams:

  • Ensure reports about election irregularities are from a credible source such as the media, state and local election officials. Always be aware of who’s sharing the information and their potential intent.
  • Before sharing reports on social media, where they can take a life of their own, make sure they’re from reliable sources.
  • Most social media platforms have ways to report suspicious posts and false information. Make use of them.
  • Report anypotential election crimes — such as false information about where to vote — to the FBI.
  • Double-check web and email addresses to make sure they’re not imitations of legitimate election sources.
  • Update your anti-malware and anti-virus software, along with your operating systems.
  • Don’t open unknown emails or attachments, and avoid clicking on questionable files or links.

 While voters should be concerned about election threats, they should not be worried about the integrity of their vote, said Allyn Lynd, a senior adviser at CRITICALSTART, a cybersecurity company in Texas. “The US Election Assistance Commission — a federal agency that serves as a resource for election administrators and vendors — conducts testing and certification of voting machines,” he told CNN. But if anyone believes their vote has been tampered with, they should notify election officials at their polling place and report it to federal agencies such as the FBI. “The public should be aware that election officials have multiple safeguards and plans in place — such as provisional ballots to ensure registered voters can cast ballots, paper backups, and backup pollbooks — to limit the impact and recover from a cyber incident with minimal disruption to voting,” Lynd said. The best protection to ensure a vote is correctly recorded, counted and tabulated is a paper trail showing all those steps, he said.  See the CNN article

Newsletter Signup

Stay up-to-date on the latest resources and news from CRITICALSTART.
Tactics to Mitigate Security Gaps in Modern Threat Response. Upcoming Webinar - October 15.
This is default text for notification bar