Tuesday, September 29, 2020

Officials fear cyberattacks to voting systems before election

Federal officials fear that, just before or after the election, hackers will try to get into voting systems and "sow chaos and uncertainty" with tactics such as freezing voter registration data, election poll books, or the computer systems of the secretaries of state who certify election results, Nicole Perlroth and David Sanger report for The New York Times.

Attacks have been ramping up, including a recent attack on Tyler Technologies, a Texas company that sells software that states and cities use to display results on election night. It's "the latest of nearly a thousand such attacks over the past year against small towns, big cities and the contractors who run their voting systems," Perloth and Sanger report. "Many of the attacks are conducted by Russian criminal groups, some with shady ties to President Vladimir Putin’s intelligence services. 

Federal investigators aren't sure whether the attack on Tyler was a run-of-the-mill ransomware attack, in which hackers lock data until they're paid a ransom in cryptocurrency. But some of Tyler's clients noticed outsiders trying to log into their systems after the attack, Perloth and Sanger report. 

"With only 37 days before the election, federal investigators still do not have a clear picture of whether the ransomware attacks clobbering American networks are purely criminal acts, seeking a quick payday, or Trojan horses for more nefarious Russian interference," Perloth and Sanger report. "But they have not had much success in stopping them. In just the first two weeks of September, another seven American government entities have been hit with ransomware and their data stolen."

One cybersecurity expert said it's likely that local governments will be hit by hackers around the election, Perloth and Sanger report.

"The proliferation of ransomware attacks that result in data theft is an evolution in Russian tactics, beyond the kind of 'hack and leak' events engineered against the Democratic National Committee and Hillary Clinton’s campaign chairman, John Podesta, in 2016," Perloth and Sanger report. "By design, whether the attacks are criminal or state sponsored is not clear, and the attacker does not always have to be successful everywhere. Just a few well-placed ransomware attacks, in key battleground states, could create the impression that voters everywhere would not be able to cast their ballots or that the ballots could not be accurately counted — what the cybersecurity world calls a 'perception hack.'"

No comments: