Ransomware – A Major Threat to 2020 Election

Ransomware - A Major Threat to 2020 Election

The United States is probably heading for the most crucial presidential election in its history. Sitting president Donald Trump will take on the challenger Joe Biden in the high-profile election that is going to define the US role in regional as well as international politics. Amid rising tension with China and Russia, the coming US President will have a little too much on his plate.

Like in the past, there are chances of external influence and threats on the US Presidential Election 2020. You must have heard the claims of bogus voting machines, fake votes, and electoral manoeuvrings in the previous elections. This time, ransomware has also emerged as one of the major threats to the election infrastructure. The key reason behind this threat is the old software and vulnerable voting machines in the United States. Cybercriminals have already upped their activities from the start of this year and now the US Presidential Election 2020 gives them a massive opportunity to disrupt the process or create doubts on the integrity of the election.

The Big Day

The NTT Ltd recently issued a global warning report for September that highlighted the ransomware threat. According to the report, ransomware could be used on the US Election Day, especially once voting machines are activated for the electoral process. The report mentioned that cybercriminals could try to disrupt the voting process or procedures or literally jamming the voting operations across the country.

The report stated, “Election threats from ransomware, or other types of cyber-attacks, do not come solely from foreign governments. Cyber-attacks against the US election infrastructure can be launched by any criminal threat actor seeking financial gain. 

The NTT report pointed out that the US Election could be disrupted in the following ways.

  1.     Disinformation Campaigns
  2.     Foreign Interference or Intervention
  3.     Ransomware Attacks
  4.     Changing the US Postal Service operating procedures
  5.     Targeting the ageing technology
  6.     Voter Apathy
  7.     Voter Roll Purge
  8.     COVID-19 Contagion at Voting Venues

This could be a high-stake endeavour to disrupt the US voting process to demand money or to cast doubts on the integrity of the system. The report said, “A cyber or physical attack on the election infrastructure, whether election systems or processes are interconnected or not, could potentially lead to overall election system dysfunction, errors in the vote count, delays in voting results and erroneous election reporting.”

The report highlighted that the first line of defence against these possible attacks would be a secure and reliable US election infrastructure. According to the NTT, the threats could emanate from three areas.

  1. Pre-Election Activities

A number of US presidential candidates have questioned the voter registration process across the country in the past many elections. This could be the centre of attention for cybercriminals this year. They can tamper or delete the voters’ registration data, thereby stopping the legal voters from casting their votes. Similarly, a malware planted on a voter registration system could actually compromise it and raise questions over the integrity of the collected data. The cyber attackers can also mind voters’ data for personal identifying information, which they can use later for ransom. Moreover, they can also sell this data on the dark web for making big bucks.

  1. Election-Day Processes

The Direct Record Electronic (DRE) voting machines are used in the US election. However, these machines can be exposed to physical damage by a cyberattack. Moreover, the US election results are submitted either electronically or via email on election night. Cybercriminals can actually send malware on the optical scan machine at any point from any warehouse and harm the data.

  1. Post-Election Activities

Since this year’s US Presidential Election is set to be a fiercely-contested one, the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has already chalked out a plan to deal with the post-election cybercrime activities. The NTT report also confirmed that there were fewer chances of cyberattacks on the post-election activities due to the measures taken by the authorities. 

To ensure DDoS protection and from other malware, the NTT analysis suggested following the latest cybersecurity protocols and practices that ensure secure cyber-hygiene. The report highlighted that secure cyber-hygiene could act as the first line of defence against ransomware and other types of cyber intrusions. Moreover, the report also suggested the use of proper virtual patching and updating processes that also include free scan activities. On top of that, it was recommended to have a decent custodianship of the hardware and raising security awareness.

Warning from Federal Agencies

The US Federal Authorities have also warned against a well-time malware attack to disrupt the voting process. According to a report, even if the attackers failed to paralyze the process, they would still dent to the authenticity and integrity of the voting system. This could result in a massive political turmoil that would have the potential to dampen the political climate in the country. Colorado Secretary of State, Jena Griswold said in a recent interview, “With the 2020 election, election infrastructure has a target on its back. We know that election infrastructure was attempted to be undermined in 2016, and we know the techniques are shifting.”

The Consistent Rise in Cyberattacks

There has been a consistent rise in cyberattacks over the past few years. Cybersecurity firm Emsisoft found out in a report published in December last year that malware attacks targeted US government agencies including Texas’ transportation agency and city computers in New Orleans. The report mentioned that the Emsisoft tracked cyberattacks against 966 entities that disrupted rescue services and made medical records inaccessible and blocked attempts to verify background checks from police departments. According to the report, criminals were after fortune-making attempts by seizing crucial data and keeping it hostage until they get the ransom. These attacks have the potential of attacking and destroying the US voting system, both directly and indirectly. 

David Tackett, chief information officer for the Secretary of State in West Virginia, said, “I’m more worried that those people who are working extra hours and working more days, the temporary staff that may be brought in to help process the paperwork, that all this may create a certain malaise or fatigue when they are using tools like email.” In the light of what Tackett has to say it can be assumed that a single click from a county worker, who falls prey to a spear-phishing attack, can award hackers access to the county network as well as the electoral systems.

The Final Word

The US Presidential Election 2020 could be the make or break event for the United States. With so much interest involved, the threat has also surmounted to an unprecedented level. Whether Donald Trump or Joe Biden gets the term to serve America as the President on Tuesday, November 3, 2020, whole machinery of federal and state officials will work days and nights to make sure the process gets unaffected by ransomware or DDoS attacks. There is already a huge cybersecurity activity across the US security departments which are taking into consideration all ways possible, like DDoS protection, virtual patching, and free scan, to make sure that the confidence on the US electoral process stays intact and there is no controversy in the aftermath of the election.