Security News

Through disinformation campaigns, foreign adversaries attempt to exploit the fear and uncertainty among US voters, says Digital Shadows. The 2016 presidential election was marked by meddling most notably from Russian agents who attempted to influence voters through disinformation on social media and other platforms.

A ransomware attack that hobbled a Georgia county government in early October reportedly disabled a database used to verify voter signatures in the authentication of absentee ballots. According to a report in the Gainesville Times, the attack also disabled the county's voter signature database.

That presents a fresh set of security concerns, which include a lack of transparency over the security measures and voter auditing applied to each type of voting method. The lack of resources needed to adapt and secure the mail-in voting process by the early November election date is has been another cause for concern.

Ransomware gangs have officially entered the 2020 election fray, with reports of one of the first breaches of the voting season, on Hall County, Ga. The county's database of voter signatures was impacted in the attack along with other government systems. Although the county said the voting process hasn't been impacted by the ransomware attack, the incident is a warning to other municipalities to lock down their systems, particularly in these last days leading up to the election.

SecurityScorecard released a report earlier this month that looked through the overall cybersecurity posture of all 56 US states and territories leading up to the presidential election. The study found that 75% of all states and territories had IT infrastructures that are vulnerable to a variety of cyberattacks.

Attacks growing increasingly sophisticated and destructive. As eCrime groups grow more powerful, these attacks have grown increasingly sophisticated and destructive - respondents reported that 82 percent of attacks now involve instances of counter incident response, and 55 percent involve island hopping, where an attacker infiltrates an organization's network to launch attacks on others within the supply chain.

With the U.S. presidential elections a mere few weeks away, the security industry is hyper-aware of security vulnerabilities in election infrastructure, cyberattacks against campaign staffers and ongoing disinformation campaigns. The good news, Olney, said in a recent video interview with Threatpost, is that awareness of election-security threats has increased since the 2016 elections.

American voters face an especially pivotal, polarized election this year, and scammers here and abroad are taking notice - posing as fundraisers and pollsters, impersonating candidates and campaigns, and launching fake voter registration drives. It's not votes they're after, but to win a voter's trust, personal information and maybe a bank routing number.

Google says its Threat Analysis Group hasn't observed any significant coordinated influence campaigns that are targeting United States voters on its platform. Google also notes that users who were identified as being targeted in such attacks were alerted, and that the Federal Bureau of Investigation was also informed of these attacks.

75% of all 56 U.S. states and territories leading up to the presidential election, showed signs of a vulnerable IT infrastructure, a SecurityScorecard report reveals. Since most state websites offer access to voter and election information, these findings may indicate unforeseen issues leading up to, and following, the US election.