A New Goverment - Who's Hacking Whom?

Last year was another busy one for the cybersecurity world. Aside from ransomware, DDoS attacks and social media hacking all making the headlines, it was also the year that cyber-threats surrounding the political voting process were brought to light more than ever before.

In the months and weeks leading up to one of the most controversial US elections of all time between Hilary Clinton and now President Donald Trump, the world watched as cyber tactics played an important role in the race to the White House.

Alleged Russian government-backed cyber-criminals broke into computers and accessed data belonging to the Democratic National Committee, purposed Trump supporters defaced the Wikipedia page of Clinton with pornographic images and warnings of nuclear war should the former Secretary of State have come to power and hackers took to social media to state they would be monitoring the proceedings “from inside the system” – all with the clear intention of manipulating and affecting voters.

What’s more, researchers from Cylance successfully hacked one of the most popular voting machines used in the US, demonstrating how tallies can be easily altered at will by outside interference, whilst ‘real-life’ allegations of such tampering also surfaced.

What these events revealed is that not only are malicious forces – be that state sponsored hackers, political activists or mere mischief makers – growing ever-keener to gain access to and exploit the sort of sensitive data that can affect a political election, but that there are significant security issues that arise when an election is taking place.

“Cyber threats attempting to influence voting are absolutely a form of espionage,” Ben Johnson, Carbon Black, told Infosecurity. “These attacks show us that nation states and other motivated actors are willing to do whatever it takes to gain an advantage when it comes to political processes.”

Far be it for me to suggest that the outcome of last November’s election would have been different had the attacks not occurred, but I think it would be naïve to fail to acknowledge the potential these types of attacks have to influence the thought process of at least some voters to at least some extent.

“Whilst the election is not a digital process, it can still be significantly and decisively disrupted by digital issues,” argued Daniel Miessler, practice director of advisory services for IOActive. “Even if attackers didn’t compromise actual election systems and tangibly affect the outcome in some way, the mere implication they did would likely serve its purpose.”

“Above all else,” added Johnson, “these attacks are attempting to seed doubt in democracy and doubt in the system. This doubt leads to mistrust and mistrust, in its most dangerous form, breeds apathy. If voters do not trust the system and decide not to vote, the election can be influenced.”

The really unsettling issue for me as we look to the future is just how much evolving cyber-attacks really could invade, damage and discredit the legitimacy of democratic voting, and whether what we’ve seen so far has been just the tip of the iceberg.

“We are only seeing the beginning of this trend,” warned Avi Chesla, CEO and founder of empow. “These types of voting manipulation attacks have significant potential for escalation.

“Attacks that target political organizations, politicians and voting systems with the aim of impacting national elections will become more common as this new hacktivism trend progresses. We expect to see more sophisticated and evasive attacks exploiting weaknesses in voting systems and hackers manipulating the vote in a way that will go unnoticed.”

So what is the answer? What needs to be done to solidify security around the various elements of elections and ensure the integrity of the democratic vote is kept safe?

For Johnson, this is about elevating the conversation to the highest forms of government. “No single company or vendor is going to ‘solve’ security; we must be working in tandem to ensure that all elements of an election are protected from possible outside influence.”

This is an opinion shared by Chesla, who added that governments should develop a more holistic approach to defending against threats that span multiple targets, and which may be located in different geographic locations, so that defense is deployed as an intelligent layer that sits on top of these silos, observing and understanding the bigger picture.

“There is an enormous need for something like a national ‘shield’ that can sit atop existing cybersecurity systems to hunt for threat actors and analyze input events and behaviors that might flag suspicious activity,” he said. “Making this type of defense infrastructure proactive will prove a lot easier and quicker if there is extensive collaboration between countries facilitating an exchange of real-time information and coordination.”

What’s Hot on Infosecurity Magazine?