Saturday, October 16, 2021

What Do We Know About Cybersecurity In the 2020 Elections?

Must Read

IBM has issued security patches to fix high- and medium-severity bugs

IBM has issued security patches to fix high- and medium-severity bugs affecting large business software solutions.The worst bugs could...

Researchers: Hackers Easily Bypass Google reCAPTCHA With Google’s Speech-to-Text API

A three-year-old attack technique to bypass Google's audio reCAPTCHA by using its own Speech-to-Text API has been found to...

Cybercriminals are Doing Microsoft Exchange Exploitation by installing Cryptojacking

Cybercriminals continue to exploit Microsoft Exchange unpatched servers. Cybersecurity investigators at Sophos report an unknown attack after trying to...

The 2020 US elections lived up to the expectations – that they were outspoken, temperamental, and captured the whole world’s interest. Before the elections, there are lots of rumors and speculations regarding the possibility of international forces interfering with the procedure via cyber methods.

So what do we learn from these types of elections concerning cybersecurity?

Foreign Powers May and Can Intervene in Different Nations’ Elections

Even when direct interference with voting did not happen this time, it’s apparent it is likely to interfere and control the elections utilizing cyber means. Cyber operations against elections could also be grouped into several classes:

Operations aimed at affecting the Republicans: social media and PSYOP, targeted advertisements and sway, misinformation, bogus news.
In the days before the elections, police announced that the Russian assault group APT2 repeatedly assaulted Democratic Party accounts and Iranian hackers sent unsolicited emails to tens of thousands of Republicans, attempting to persuade them to stay home and bypass their vote.

Additionally, President Trump’s official fundraising site was defaced before the elections. These actions weren’t probably connected, but they exemplify how cyber actions become more competitive before the elections.

Election IT Running is Vulnerable

There’s proof that the IT infrastructure used for the elections is both vulnerable and obsolete. Voting machines are hacked, voters’ registry info predicated were hacked, held for ransom, and published (as soon as the ransom was denied ), and the whole procedure could be delayed as a result of DDoS attacks.

A benign thing like a speech and ballot allocation may be used to cause injury and anxiety since the governor of Florida discovered when he moved to vote and discovered his speech in the voters’ registry was altered by a hacker. This prevented him from voting at precisely the same ballot box on which he had been associated.

Even the FBI and CISA have stepped their game up these elections: they’ve made many joint public service announcements to lessen unnecessary stress over international intervention whilst clearly describing what might occur.

They addressed the danger of disinformation regarding the 2020 election outcomes, rebuffed the rumors that foreign celebrities and cyber-criminals have compromised election and the U.S. voter registration information, and addressed the chance of DDoS Attacks against Election Infrastructure that could hinder accessibility to voting data, delay counting, and voting.

The FBI and CISA aren’t the only agencies that handle the problem of procuring the election procedure. The House of Representatives unanimously approved legislation that could make hacking voting strategies a national crime.

This follows the”Defending the Integrity of Voting Systems Act” accepted by the Senate annually and will permit the federal government to play a part in helping countries defend against elections.

In the days resulting in the elections, it had been determined that DHS would start a unique situation room that could function from election day before the outcomes had been ascertained with certainty.

Lowering the risk from the operations mentioned previously will call for national, coordinated attempts, and public-private cooperation. Some instances are emerging, like google’s initiative to punish sites that distribute waxed substances or even Election Cyber Surge Initiative started from the University of Chicago’s Cyber Policy Initiative (CPI).

This can be a”matchmaking” service that will develop a record of technologists that would like to volunteer their time to assist advise local and state election administrators and officials on several cybersecurity problems. Additionally, each citizen may make a huge difference.

These Problems Aren’t Specific to the US

Even though the US elections gained the most attention, the problems accompanying them are by no means particular to the United States. Back in July, that the North Macedonia country election commission, SEC, endured a DDoS attack that disabled it for many crucial hours, and other nations have endured international interference in their democratic procedure before.

Conclusion

It’s not possible to ascertain the magnitude of cyber actions that followed these elections. However, such actions have taken place. It may be estimated that the actions taken by the US government had a controlling effect on those cyber actions.

It would be wise for cybersecurity governments to conduct a comprehensive debrief and identify flaws that weren’t managed and enhanced towards the upcoming elections- and also for different countries to learn and execute those lessons learned.

a2434345d63481a40f0d145881b41013?s=96&d=mm&r=g
Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

Leave a reply

Please enter your comment!
Please enter your name here

Latest News

Unified endpoint management automation software to boost endpoint security

Endpoints are constantly connected to the internet, so they offer a gateway for cyberattacks. Endpoint security is simply the process...

Attackers Using Morse Code in phishing campaign to Evade Detection

Microsoft on Thursday revealed the techniques used by attackers to avoid detection using morse code in the phishing campaign.Microsoft also revealed the workings of...

Murata Manufacturing suffers data breach of employees and customer

Japanese electronic components manufacturer Murata has released an apology Notice for the data breach of thousands of files in June that contained bank account...

Everything about Signalling System 7(SS7)

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a public switched telephone network (PSTN)....

Zimbra flaw lets attackers access the mail servers

Researchers discovered a flaw in the open-source Zimbra code. As a result, an attacker would gain unrestricted access to all sent and received emails...

More Articles Like This