Cybersecurity threats to the 2020 presidential election
With less than a week until the 2020 presidential election, cybersecurity is top of mind as malicious actors look to undermine the nation’s democracy. As voters make their final decisions, threat actors are setting their sights on vehicles for attack, disruption and misinformation.
Threat actors are looking for ways to disrupt the election with tactics such as stealing sensitive information, modifying votes after they have been cast to sway the outcome and spreading misinformation. With the majority of today’s cyberattacks including tactics such as establishing persistence, evading defenses by impeding security tooling and even deploying destructive malware, extra security measures are required to secure our democracy.
According to VMware Carbon Black’s 2020 Global Incident Response Threat Report, custom malware is now being used in 50% of the attacks surveyed, demonstrating that malware and malware services can be purchased to empower criminals, spies and terrorists, many of whom do not have the sophisticated resources to execute these attacks.
In response to these mounting threats, security concerns ahead of election include the following:
- Voter registration systems and databases. Because these platforms are managed on a state-by-state basis, and often without built-in security, attackers could manipulate results (especially in swing states) or alter the integrity of voter records for a specific political party by changing names or addresses and ultimately preventing people from casting their ballot.
- Websites monitoring real-time election results. While these sites help inform local media on the status of the election, they can also be easily manipulated by hackers to show false information, risking participation in the election as this causes confusion and distrust among voters.
- Major media outlets. Those outlets with a strong partisan stance will be particularly attractive to hackers as they can manipulate their social channels to create deceptive accounts that promote disinformation or data mine these major outlets’ followers for potential target lists.
This year has shown us that nothing is off-limits, and cybercriminals will continue to exploit such events like the presidential election for personal gain. The threat report also found that 73% of respondents believe that there will be foreign influence on the 2020 presidential election, and 60% believe it will be influenced by a cyberattack. These threats to our democracy are exacerbated by increasingly sophisticated disinformation campaigns, designed to sow division and create conflict through propaganda. While these are some of the more prominent issues facing November’s election, we are only scratching the surface and must continue our efforts toward a more secure democratic system, keeping cybersecurity at the forefront.
Greg Foss is a senior cyber security strategist with VMware Carbon Black.