Is ransomware a threat to the 2020 election?

887
SHARE

Some U.S. authorities are concerned that the upcoming November Presidential Elections may be threatened by a ransomware attack.

Cybercriminals use ransomware to seize data and hold it hostage until they are paid a ransom. In the first half of 2020, it is estimated that private businesses spent over $144 million in response to ransomware attacks. 

Every industry was impacted. But it’s worth noting that out of the ten biggest attacks, five of the confirmed ransomware victims were government or municipal entities. And the number of attacks that have been hitting the U.S. is on the rise.

The July 26, Garmin attack is making some experts even more nervous. And the indictments handed down by the Department of Justice to the notorious Russian hackers the “Evil Corp” puts the focus on sophisticated cybercriminals.

The threat to elections isn’t just from foreign governments, but from sophisticated cybercriminals for hire.

2020 the year of ransomware attacks  

The sheer volume of these attacks is troublesome. And the fact that they are often successful and lucrative only increases the threat level.

Various types of ransomware, including DoppelPaymer, REvil/Sodinokibi, and NetWalker steal data as a forerunner to encryption. If the targeted entity doesn’t pay the ransom, major systems can be disabled or the stolen data may be published on a leak site or auctioned off to the highest bidder.

The escalation of attacks has encompassed a myriad of targets. Cybersecurity firm Emsisoft tracked malicious ransomware assaults on at least 128 federal and state entities who were impacted by ransomware during the first two quarters of 2020.

“We’re seeing state and local entities targeted with ransomware on a near-daily basis,” said Geoff Hale, a top election security official with Homeland Security’s Cybersecurity and Infrastructure Security Agency.

The worry is that a similar hack could affect voting systems, directly or indirectly, by infecting wider government networks that include electoral databases.

States act to prevent attacks

“From the standpoint of confidence in the system, I think it is much easier to disrupt a network and prevent it from operating than it is to change votes,” Adam Hickey, a Justice Department deputy assistant attorney general, said in an interview.

The scenario that keeps cybersecurity experts up at night is simple. A cybercriminal could inject malware on multiple networks that affect voter registration databases. Then activate it just before the election. Or they could target voter tabulation and reporting systems.

With ransomware, a criminal may just target a county or state without knowing which part of the network they are hitting. But as the infection spreads and the malware begins to creep along, the entire network is impacted, including the election infrastructure.”

According to New York Times reporting, a February advisory issued by the FBI recommends local governments separate election-related systems from county and state systems to ensure they aren’t affected in an unrelated attack.

The FBI and Department of Homeland Security have both issued advisories to local governments, including recommendations for preventing attacks.

States have been planning for worst-case scenarios and hardening election infrastructure. Many of them have compartmentalized the data to make it more secure.

To stop ransomware, states have shifted resources from detection to prevention. This is achieved by reducing the attack surface or network size along with known and unknown threat prevention. The most effective strategy for stopping ransomware attacks relies on preventing them from ever entering your system in the first place.

————————————————–

Have a story you want USA Herald to cover? Submit a tip here and if we think it’s newsworthy, we’ll follow up on it.

Want guaranteed coverage? We also offer contract journalism here.  Just be sure you’re comfortable giving up editorial control, because our journalists are dogged and will follow the story through to it’s conclusion. The story will be published to our exacting standards, without regard for your preferred slant.

Want to contribute a story? We also accept article submissions — check out our writer’s guidelines here.