Without a clear winner, there is a big opportunity for disinformation campaigns.
Cybercriminals are “relishing in the madness” of those trying to sow further discord as the presidential election outcome remains unknown.
That’s according to Jerry Ray, SecureAge‘s COO. He and other cybersecurity experts were anxious to weigh in Wednesday as efforts continue to determine the election outcome.
“The higher the temperature of those defending or defaming the election results, the lower their awareness of the multitude of attacks awaiting them,” Ray said.
Those attacks include phishing emails, fraudulent websites and other tactics to exploit the “highly distracted,” he said.
“As the votes continue to be counted, the most inevitable and effective cyberattacks will be subtle, unnoticed, unattributable and masked within the culture of doubt and suspicion cast upon the election for the sake of either plausible deniability by the victors or grounds for dispute by the vanquished,” Ray said. “With only a fraction of 1 percent of the voting population determining the outcome, the attackers need only work in the margins and against those least able to defend themselves or least likely to notice.”
Allyn Lynd is Critical Start‘s senior digital forensics and incident response (DFIR) adviser/manager.
“There are currently organizations reporting what they believe are irregularities in voting-polling rolls, but no actual voting machine hacks,” he said.
There are credible reports of uncounted votes stemming from someone else registering for an absentee ballot to a bogus address.
“Again, this is not an issue with the voting machines, but an issue with the voting ecosystem,” Lynd said.
This adds to the confusion as results remain uncertain, he said.
Brandon Hoffman is NetEnrich‘s CISO. He said there’s a big opportunity for disinformation campaigns to continue to erode confidence in the election process.
“Sowing discord will help future campaigns with a more malicious intent,” he said. “As they foment unrest, people are more likely to click on emails and sites that echo their own sentiments that have been stoked by these information warfare exercises.”
Joseph Carson is chief security scientist and advisory CISO at Thycotic. He said attackers continued to focus cyberattacks at the election campaigns. Furthermore, they focused on creating disinformation on social media, all focused at generating distrust in the system.
“Hacking an election is not about influencing the outcome, it is about hacking democracy,” he said. “It is always important to see the ultimate motive. And hacking democracy is about dividing people, creating distrust in both your government and your fellow citizens.”
Tim LeMaster is senior director of systems engineering at Lookout.
“There was a lot of work going on behind the scenes to coordinate election security issues, both in terms of threats, but also best practices and security guidance,” he said. “There was a significant focus this year on recognizing and removing disinformation from social media. With so many Americans using those platforms, it’s important to have some amount of monitoring in place to limit foreign attempts to spread misinformation that would further divide the citizens.”
Moving forward, there will be a growing need for coordinated efforts around sharing threat data and government guidance, LeMaster said.
“Organizations like the U.S. Election Assistance Commission (EAC) will play an even larger role in coordinating some of that activity,” he said. “The emergence of groups like Defending Digital Campaigns is an encouraging sign that things are headed in this direction.”
Mark Kedgley is CTO at New Net Technologies (NNT). He said as society becomes more automated, ensuring the integrity of democratic processes needs “serious care and attention.”
“As the Hall County, Georgia, case indicates, voting machines are connected to distributed databases, which expands the attack surface to the IT infrastructure of each county or state where such a connection is in place,” he said. “Vulnerability management, secure configuration baselines and change control are all now non-negotiable.”
CRITICALSTART® and MOBILESOC® are federally registered trademarks owned by Critical Start. Critical Start also claims trademark rights in the following: Cyber Operations Risk & Response™ platform, and Trusted Behavior Registry®. Any unauthorized use is expressly prohibited.