Cybersecurity Issues: US Election cyberattacks by foreign entities

All aspects of our daily lives involve a growing number of pieces of technology. This includes voting, where many machines and election systems are digital. For the 2020 presidential election, concerns surrounding hacking by foreign entities has resulted in cybersecurity staff being on high alert, in order to mitigate and prevent any potential cyberattacks.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a national call to action, known as #PROTECT2020, to ensure election security in the upcoming election cycle. Ensuring a secure election is key, as Microsoft reported in September that a number of cyberattacks have already been detected, targeting people associated with the upcoming presidential election.

“The activity we are announcing today makes clear that foreign activity groups have stepped up their efforts targeting the 2020 election as had been anticipated, and is consistent with what the U.S. government and others have reported,” says Tom Burt, Microsoft’s Corporate Vice President of Customer Security and Trust.

The majority of the attacks were unsuccessful, says Microsoft, also emphasizing that the attacks have a wide reach – targeting not only candidates but campaign staffers and consultants.

The attacks take a variety of approaches to gather information. Some focus on targeting log-in information and account credentials via spear fishing, while others focus on web bugs and espionage campaigns.

Additional concerns surround the potential reprogramming of election machines by hackers or the use of ransomware to hold election results hostage. Regardless of the method, cybersecurity staff are tasked with ensuring these types of attacks remain unsuccessful.

One method that has been put into place on electronic machines are digital sensors that act as a burglar alarm, triggering if malware is detected. The Albert Sensor originated with the Department of Homeland Security and was shared as a low-cost security method by the Center for Internet Security (CIS).

“The passive sensor sits on the network and collects data, which is then encrypted and transmitted around the clock to the CIS center for analysis,” reports Alexander Slagg in StateTech Magazine. “When an alert is verified as actionable, CIS sends an event notification to the organization.”

CISA has made a number of resources available to cybersecurity staff related to the election, including a cyber incident detection and notification planning guide for election security, election infrastructure cyber risk assessment and infographic, and guide to vulnerability reporting for America’s election administrators.

Another one of CISA’s resources is the election risk profile tool, which can be used to understand the potential risks within a given region. The tool “addresses areas of greatest risk, ensures technical cybersecurity assessments and services are meeting critical needs, and provides a sound analytic foundation for managing election security risk with key partners at the federal, state and local level,” reports CISA.

Those in the cybersecurity field have a daunting task ahead of them, to stay on top of all potential election fraud as hackers develop new and innovative ways to target election systems. They will be fundamental to ensuring a safe and secure election cycle this November.

Want to learn about cybersecurity? Capitol Tech offers bachelor’s, master’s and, doctorate degrees in cyber and information security. Many courses are available both on campus and online. To learn more about Capitol Tech’s degree programs, contact admissions@captechu.edu.