The United States presidential election is four days away. Last Wednesday, government officials released a statement about Russian and Iranian hacking threats. The next day, more information followed. What global corporate enterprise lessons can be learned?
On October 21, Director of National Intelligence John Ratcliffe informed the public that Russia and Iran stole voter registration information for the sake of election interference. While the data was publicly available, theories were floated that stealing the data was simply cheaper than buying it or that voter-related breaches help put into question the legitimacy of election results.
A day later, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) released two joint statements providing additional detail to Wednesday’s rushed press conference. Included were some of the strategies deployed by Iran, such as using the stolen data to send fake Proud Boy emails to registered Democrats. Ratcliffe claims that by doing so, Iran attempted to turn voters away from Donald Trump. Some of his colleagues disagree. The same alerts accused Russia of penetrating dozens of state and local government infrastructures, including aviation networks.
Sowing election uncertainty is a known practice of Russian and Iranian hackers, though both countries vehemently deny the claim. As a response, the Treasury Department imposed sanctions on Iran. Russia remains unpunished. It is important to note that US election and voter systems themselves have not been hacked.
Currently, the main cyber threat leading up to election day comes in the form of misinformation campaigns and sowing doubt in the legitimacy of election results. It is extremely difficult for foreign operatives to hack into election systems and physically add, remove, or change votes. Instead, these foreign operators hack the minds of Americans. They leak false information that looks legitimate and open lines of questioning on social media that leave some people unsure of its accuracy.
Additionally, campaign staff devices, campaign websites, and other pop-up election infrastructure are prone to weakness. Enterprise infrastructure isn’t immune to cyber crime, and its resources far surpass those of election IT.
In June, the US Treasury Department warned that the Russian hacking group known as Evil Corp., which also has ties to the Russian government, was taking advantage of new cyber security weaknesses as people increasingly started to work from home. The same infrastructure these hackers use to commit run-of-the-mill cyber crimes through ransomware can also be used to wipe out data or spread infections from computer to computer, department to department, and organization to organization using interconnected servers. It is possible the seeds planted for a ransomware attack could pivot into election tampering territory.
Ultimately, widespread distrust around voting accuracy could cause just the right amount of damage. John Hultquist, FireEye director of threat intelligence, made this observation in June: “The disruption may have little effect on the outcome. It may be entirely insignificant to the outcome — but it could be perceived as proof that the election outcome is in question. Just by getting access to these systems they may be preying on fears of the insecurity of the election.”