The 2020 US elections lived up to the expectations – that they were outspoken, temperamental, and captured the whole world’s interest. Before the elections, there are lots of rumors and speculations regarding the possibility of international forces interfering with the procedure via cyber methods.
So what do we learn from these types of elections concerning cybersecurity?
Foreign Powers May and Can Intervene in Different Nations’ Elections
Even when direct interference with voting did not happen this time, it’s apparent it is likely to interfere and control the elections utilizing cyber means. Cyber operations against elections could also be grouped into several classes:
Operations aimed at affecting the Republicans: social media and PSYOP, targeted advertisements and sway, misinformation, bogus news.
In the days before the elections, police announced that the Russian assault group APT2 repeatedly assaulted Democratic Party accounts and Iranian hackers sent unsolicited emails to tens of thousands of Republicans, attempting to persuade them to stay home and bypass their vote.
Additionally, President Trump’s official fundraising site was defaced before the elections. These actions weren’t probably connected, but they exemplify how cyber actions become more competitive before the elections.
Election IT Running is Vulnerable
There’s proof that the IT infrastructure used for the elections is both vulnerable and obsolete. Voting machines are hacked, voters’ registry info predicated were hacked, held for ransom, and published (as soon as the ransom was denied ), and the whole procedure could be delayed as a result of DDoS attacks.
A benign thing like a speech and ballot allocation may be used to cause injury and anxiety since the governor of Florida discovered when he moved to vote and discovered his speech in the voters’ registry was altered by a hacker. This prevented him from voting at precisely the same ballot box on which he had been associated.
Even the FBI and CISA have stepped their game up these elections: they’ve made many joint public service announcements to lessen unnecessary stress over international intervention whilst clearly describing what might occur.
They addressed the danger of disinformation regarding the 2020 election outcomes, rebuffed the rumors that foreign celebrities and cyber-criminals have compromised election and the U.S. voter registration information, and addressed the chance of DDoS Attacks against Election Infrastructure that could hinder accessibility to voting data, delay counting, and voting.
The FBI and CISA aren’t the only agencies that handle the problem of procuring the election procedure. The House of Representatives unanimously approved legislation that could make hacking voting strategies a national crime.
This follows the”Defending the Integrity of Voting Systems Act” accepted by the Senate annually and will permit the federal government to play a part in helping countries defend against elections.
In the days resulting in the elections, it had been determined that DHS would start a unique situation room that could function from election day before the outcomes had been ascertained with certainty.
Lowering the risk from the operations mentioned previously will call for national, coordinated attempts, and public-private cooperation. Some instances are emerging, like google’s initiative to punish sites that distribute waxed substances or even Election Cyber Surge Initiative started from the University of Chicago’s Cyber Policy Initiative (CPI).
This can be a”matchmaking” service that will develop a record of technologists that would like to volunteer their time to assist advise local and state election administrators and officials on several cybersecurity problems. Additionally, each citizen may make a huge difference.
These Problems Aren’t Specific to the US
Even though the US elections gained the most attention, the problems accompanying them are by no means particular to the United States. Back in July, that the North Macedonia country election commission, SEC, endured a DDoS attack that disabled it for many crucial hours, and other nations have endured international interference in their democratic procedure before.
It’s not possible to ascertain the magnitude of cyber actions that followed these elections. However, such actions have taken place. It may be estimated that the actions taken by the US government had a controlling effect on those cyber actions.
It would be wise for cybersecurity governments to conduct a comprehensive debrief and identify flaws that weren’t managed and enhanced towards the upcoming elections- and also for different countries to learn and execute those lessons learned.