The use of social media by foreign influence voters is not a new trend. In 2016, bots created fake discussions about election topics to sway voters towards a specific candidate. As the United States prepares for its mid-term elections in November of this year. Cyber-attacks by actors from Russia, China, Iran, and their proxies begin occurring well before the elections cycle. Unlike previous actions, it is likely to become even more difficult to spot these bots. Advances in bot technology are likely to make fake accounts appear more often by utilizing observations of human interactions and discussions to learn.
One tool that has emerged recently in influence operations is Deepfake technology. Deepfake technology allows for the influence actor to create realistic-looking videos of public figures saying whatever the attacker chooses. This technology can be used to influence voters in a variety of different ways. Poorly secured voter databases contain personally identifiable information. Leaks of this data may be used for a variety of purposes. Misinformation campaigns can utilize the information and mined data to send targeted or inaccurate information in attempts to influence voters. However, foreign influence is not just focused on misinformation. Threat actors from Russia, China, Iran, and their proxies may seek to directly attack voting systems with malware in an attempt to influence the election.
The protection of our election processes begins with redundancy in systems, processes, and data collection, including the use of paper ballots. In 2016, 27.5 million people voted paperlessly. In the 2018 midterms, no non-electronic data capture existed in Delaware, Georgia, Louisiana, New Jersey, or South Carolina. It is likely this number will continue to increase as states focus more effort on making elections all-digital. These efforts are fruitless without the cybersecurity in place to prevent tampering. While poor security of election machines is of concern, some vulnerabilities potentially allow votes to be changed or added after the election is complete.
Vulnerabilities with paperless machines will continue to exist as many states lack budgets that do not provide for replacement or upgrades, or do not enact policy mandates directing a length of time before machines can be replaced. There are, on average, 4,000 ransomware attacks every day with recent attacks being more targeted and designed to deny access to resources. Since voting machines are computers and occasionally internet-connected, they are potential targets of ransomware attacks. As a result, it is vital that voters be able to generate and approve a paper record of their vote.
Election security begins long before election day. If you are a Hive-IQ® user join TeamWorx Security on April 5th for our election security webinar. We will be discussing how we can identify issues and respond to protect the integrity of our voting processes.
Alex Lothstein
Alex is an Intelligence Analyst at TeamWorx Security. He has experience in the history/museum world researching, writing, and breaking down large pieces of information on complex topics into understandable bits for a general audience. His experience analyzing the past to better understand the present is a great asset in his intelligence research and writing.