Bad actors have been steadily increasing their attempts to hack US election systems ahead of the Nov. 6 congressional midterms, according to an intelligence assessment by the US Department of Homeland Security (DHS).
“We are aware of a growing volume of cyber activity targeting election infrastructure in 2018,” according to the notice, obtained by NBC News this week. “Numerous actors are regularly targeting election infrastructure, likely for different purposes, including to cause disruptive effects, steal sensitive data, and undermine confidence in the election.”
The department’s Cyber Mission Center said it’s working to identify who is behind the surge in cyber-attacks on U.S. election databases. It said that, so far, all attempts have failed.
Bad actors reportedly used typical infiltration techniques, such as phishing emails and denial of service attacks. The rate of attacks has been accelerating since they were first detected at the beginning of October.
Some states are better prepared for such incidents than others, as Vermont Secretary of State Jim Condos confirmed. In late August, hackers used three methods in an attempt to access the state’s online voter registration database. Neither attack was successful, Condos said, adding that, even if hackers compromised their systems, they’d lose “one day’s worth” of voter registrations at most, thanks to backups.
“And we also have same-day voter registration, which means that no one would be denied on election day,” he added.
The intelligence report clarifies that, although Russia and China continue to spread disinformation and propaganda through hackers posing as Americans, the DHS has not seen any attempts from these parties to directly compromise election systems.
In August, Homeland Security Undersecretary Jeanette Manfra told CNBC that the agency isn’t concerned about hackers tampering with actual voting machines, mainly because the voting machines are not designed to connect to the Internet. A hacker would need physical access to the machine and, even so, sensors are in place to trigger alarms in such an event.
Rather, the DHS is more concerned with the integrity of the systems that support the pre- and post-voting periods. The agency has been working to protect administrative offices and the databases that hold voter registration information. The databases themselves have been equipped with sensors to monitor both inbound and outbound web traffic to spot malicious activity more efficiently.
*** This is a Security Bloggers Network syndicated blog from Bitdefender Labs authored by Filip Truta. Read the original post at: https://labs.bitdefender.com/2018/10/election-system-hack-attempts-accelerate-ahead-of-us-midterms-according-to-us-homeland-security/