A primer on how hackers are targeting the Presidential Elections 2020 and what officials are doing, as cyber security plays a major role now in the electoral process.
“It’s time to wake up”,
– Ruth Hill Bro, a privacy and cyber security attorney.
As we all are aware – elections are the time when the people of a country are endowed with enormous power and choose their collective future. Every citizen partakes to elect the subsequent group of representatives which will govern. As laws continue to change, elections and critical infrastructure become high stakes in cybercrimes. Things are changing so fast that people want to wait until things get settled, but we have to act now. Cyberattacks costs are escalating, the risks are multiplying and the targets are increasing.
But wait, are our votes secure?
What are the Chances of Fraud Affecting the Vote?
Vote by mail does introduce new risks. In theory, it could be easier for someone to fraudulently vote on behalf of someone else or for someone to tamper with the ballots in a vote-by-mail system. A political operative can’t join you at the polling place and verify that you voted for a particular candidate or not, but they could come to your home, and pressure you to vote a particular way, and watch you fill out your ballot and drop it in the mail. In practice, however, voter fraud is very rare, and the risk of widespread fraud is probably quite minimal, even with all-mail elections. But nevertheless, as more voters cast their ballots through mail, we should think about these issues and do what we can, within reason, to identify and mitigate fraud or coercion.
In practice, however, voter fraud is very rare, and the risk of widespread fraud is probably very minimal, even with all-mail elections. But nevertheless, as more voters cast their ballots through the mail, we should think about these issues and do what we can, within reason, to identify and mitigate fraud or intimidation. Whether you cast your ballot in person or by mail, the chances of fraud happening with your vote are extremely low. Even the intelligence officials have said on multiple occasions that there is no evidence of any coordinated campaigns to commit mail-in voting fraud.
Can Voting Machines Get Hacked? How easy is it to hack a Voting Machine?
In 2018, voters in Texas complained of machines that were changing their selections, but it wasn’t because of any cyberattacks. The state’s voting machines had a software bug that means if you selected the “straight party ticket” option and kept pressing buttons before the page finished loading, it would change your selection. Disinformation campaigns will flock to these software glitches and claim that it’s election fraud, as Russia did during the 2016 elections. So just because something isn’t working properly doesn’t mean that it was hacked.
But again to which, we cannot take it in a way whether it’s a machine or a system fault. There are chances, the machines can get hacked. There are two types of voting machines used in the U.S., namely the optical voting machines and direct recording electronic (DRE) machines. The issue with these machines is that most of them are over a decade old. Designed in a period when cyberattacks were not so excessive, they carry outdated software and even their providers like Microsoft, are not issuing any updates. This causes a great risk of security vulnerabilities. There are multiple ways through which malicious actors can exploit voting machines, like physically tamper with the device’s hardware, by designing multiple-use election cards for DRE machines, attackers inserting malicious code through remote access.
What happens if a Ransomware Attack Affects the Local Election County?
Ransomware is a major concern for local officials, who worry it can affect elections even if it isn’t directly targeting voters. The malware – encrypts computers unless victims pay the hacker’s ransom. It has increasingly started targeting governments because of the vulnerabilities in their machines, networks and the ability to pay the costs. A ransomware attack would disrupt an election, but it wouldn’t stop voters from getting counter.
“The dependence of elections of computing and networking infrastructure makes ransomware a highly relevant threat”, said Bhullar.
Ransomware is a very real threat vector and high risk to elections. Even setting aside scenarios involving nation-state actors, basic cyber mercenaries are also a problem.Generally, cybercriminals look for high-value targets and it doesn’t get much more valuable than voter data during a presidential election.
According to NBC News, a Georgia country’s election division suffered a ransomware attack in October, blocking access to a database of local signatures. But official could still verify signatures for mail-in ballots through its physical records. These kind of attempts can slow down the systems or temporarily inaccessible to election officials, but would not prevent voting or the results.
Votes can’t be done by text message or via social media.
Don’t get played. Every year there are a lot of fake ads and campaigns go live to confuse voters into missing out on Election Day. In the past few elections took place where hackers and online trolls have reportedly tried to misguide voters by offering false voting alternatives like text messaging, or tweets for say – to effectively trick people into not actually casting their ballot. Fooling around with innocent people and persuade them into thinking that some technological wizardry like an app or some text message counter will record their vote.
But it’s not true, the only way to vote is by going to the polls or by using a mail-in ballot.
The task and the challenge for Americans are both to remain engaged and confident in their system as national security officials say is appropriate, while also preserving some skepticism, common sense and patience. The speedily evolving cyber landscape and ongoing use of outdated technology for Presidential Elections makes the U.S. and other countries vulnerable, and majorly the undefended targets.