With the US election is upon us, cybersecurity researchers find themselves less concerned with potential winners and losers of the various races occurring around the country and more concerned with possible hacks against voting infrastructure, crippling ransomware incidents and disinformation campaigns.
Election-related attacks have been making headlines daily, including the hack of Donald Trump’s campaign website, but what other politically motivated and election-related threats will we potentially see this November?
Microsoft Scores Temporary Victory Over Trickbot
In October, Microsoft announced it achieved a victory against cybercrime when it had thwarted Trickbot — a malware used to infect critical computer systems. Trickbot and other ransomware, they warned, could be used to target elections offices on Election Day.
But just days later, a wave of ransomware attacks hit US hospitals, and US officials and cybersecurity experts said Trickbot was to blame. The FBI warned that hackers used Trickbot in conjunction with other malicious code to carry out attacks against US hospitals, disrupting computer systems and delaying surgeries. Additional attacks could be looming, US officials added.
What Other Threats Does Voting Integrity Face?
A hacking group who took over the networks of Hall County, Ga., recently escalated their ransom demands by publicly releasing election-related files after their ransom demand wasn’t met. This immediately raised concerns about the security of voting from cyberattacks, according to the Wall Street Journal. A website rUn by the hacking group lists Hall County and other hacked organizations as entities whose “time to pay is over.”
The Hall County files were labeled as “example files,” which are usually nonsensitive and used to coerce payment before more sensitive information is disclosed. The release of the Hall County files came one week before the presidential election. Polls show that races were tight in Georgia.
Who was Responsible for the Release of the Hall County Election Files?
The hacked county files were released on the website of the DoppelPaymer ransomware group and contained named individuals with provisional ballots flagged for their signatures not matching; voter names and registration numbers; and an election-equipment inventory. Additionally, the FBI and the Cybersecurity and Infrastructure Security Agency, or CISA, issued a warning in October about Russian-state-sponsored hackers targeting US state, local and other government and aviation networks in advance of the election.
If you are still having trouble, consider contacting remote technical support options.