A recent survey from machine identity protection provider Venafi revealed that 70% of cybersecurity professionals most likely believe their local governments cannot defend election infrastructure against cyberattacks from domestic and foreign threat actors. The survey, based on election infrastructure cybersecurity, also disclosed that 75% of security experts consider that the spread of malicious information is the biggest cyber risk to election integrity.
The majority of cyberattacks targeting election campaigns come from automated machines that inevitably spread information and direct attacks on the vote counting systems. Industry experts opine that the ongoing pandemic brings additional security hurdles to the election season. It is suspected that cybercriminals might take advantage of the crisis to spread false information and initiate cyberattacks, making security experts concerned about election data protection.
The research findings are based on the responses and opinions of 485 IT security professionals attending the RSA Conference 2020.
Kevin Bocek, Vice President of security strategy and threat intelligence at Venafi, said, “Security professionals are rightly concerned about cyberthreats impacting the democratic process. Organizations may have difficulty curbing deceptive or inaccurate information from people; however, they can keep their machines from spreading malicious disinformation. The election season is already in process and COVID-19 adds a new layer of security complications. Cyberattackers may take advantage of this period of uncertainty to undermine further public confidence by spreading disinformation. As a result, it’s not surprising security professionals are concerned that governments won’t be able to safeguard election data.”
Cyberattacks on U.S. Voters
Multiple security incidents have been reported earlier on misusing voters’ information and a lot of meddling happened in previous election campaigns. In October 2018, voter databases of around 35 million U.S. citizens were being peddled on a hacking forum. According to a report, cybercriminals obtained unauthorized access to the U.S. voter registration databases and kept them for sale in dark web forums, priced between $150 and $12,500. The database leaked personal information like names, phone numbers, address details, and voting history. The report stated the data disclosure affected 19 states, including Georgia, Idaho, and Iowa.