Written by Tom Kellermann, Head of Cybersecurity Strategy at VMware Carbon Black
Ahead of the 2020 U.S. presidential election, there are a number of cybersecurity threats looming. In an unprecedented year, we have already begun to see foreign interference,(1) government agencies hit with ransomware attacks(2), the National Guard deployed by state and local governments to assist with securing election infrastructure(3) and so much more. This is all compounded by the pandemic, which has created logistical challenges and complicated access to voting.(4)
With voter confidence and the integrity of the election on the line, how can election officials safeguard IT infrastructure, voter registration databases, and more?
As voters are heading to the polls, we hosted a live webinar bringing together experts to weigh in on the state of election security, the evolution of threats and securing the vote for the 2020 election and beyond. The conversation featured:
- Tom Kellermann, Head of Cybersecurity Strategy, VMware
- Kevin Coleman, Executive Director, National Cybersecurity Alliance (NCSA)
- Eric O’Neill, National Security Strategist, VMware
- Lauren Harrington, Partner Solutions Manager, VMware
Here’s what the experts had to say.
How has cybersecurity changed in 2020?
There’s no doubt that the threat landscape has changed in 2020. The recent VMware Carbon Black Global Incident Response Threat Report found the election and COVID-19 have created the perfect storm for increasingly sophisticated cyberattacks.
“Criminals are now learning from espionage and buying information that spies leave behind and using that intel to launch their own attacks,” said Eric O’Neill.
O’Neill also explained that the dark web, which World Economic Forum predicts it will become the third largest economy by 2021,5 has empowered these cybercriminals. “This magnifies all of the damage we are seeing,” he added.
Cybercriminals are known for exploiting disruption, and the global pandemic and upcoming election are no exception.
Kevin Coleman noted, “what we’re seeing is the continued communication, collaboration and continuity between bad actors, they don’t mind working together. Cybercriminals who were historically opposed to each other in so many ways including geopolitical, are now teaming up to work together for the common cause of penetrating private sector networks, government networks and manipulating elections.” He stressed that security professionals need to do the same thing – collaborate – and “at a much higher rate.”
The rise of ransomware attacks
In the first two weeks of September alone, seven government entities were hit by ransomware attacks and had their data stolen.6 These attacks not only jeopardise the integrity of the election by giving voters the impression that their vote will not be accurately counted but also that attacks have compromised voting systems.
Tom Kellermann shared, “we’ve seen a dramatic renaissance of ransomware over the past 18 months. We are now seeing a modular structure of ransomware with more than 14 built-in aversion techniques.”
O’Neill explained that ransomware has been around since 2013. “However, from 2013 to 2019, $140 million was paid in ransomware attacks according to the FBI.” A notable surge as cybercriminals cash in on holding critical data like voter registration databases hostage.
So, what are security pros saying election security? The Global Incident Response Threat Report found that 73 percent of respondents believe there will be foreign influence on the 2020 U.S. elections.
O’Neill noted that due to the distributed election system, local governments and municipalities, there are challenges for criminals looking to attack an entire network. Nevertheless, according to O’Neill, “spies and nation state actors can cause disruptive and damaging attacks on local and state elections. One of the problems is that many of our local election systems are still old tech and don’t have the best in show cybersecurity so they are certainly vulnerable.”
This concerning threat landscape means it’s time that state and local governments rethink cybersecurity. In the VMware Carbon Black whitepaper Best Practices for Securing Critical Infrastructure for State and Local Governments, we highlight additional measures agencies can use to stay better secure, as well as some possible consequences of leaving vulnerabilities unaddressed.
For more insight on election security, catch the webinar on-demand: Cyber Insecurity: Securing the Vote in the 2020 Election.
To learn more about what security pros are saying about cyberattacks, foreign influence and more, download our latest Global Incident Response Threat Report: The Cybersecurity Tipping Point Election, COVID-19 create perfect storm for increasingly sophisticated cyberattacks.
This blog may contain hyperlinks to non-VMware websites that are created and maintained by third parties who are solely responsible for the content on such websites.
- gov, “FBI Denver Educates Community About Election Security and Foreign Malign Influence in Advance of the November Election,” October 2020.
- ZDNet, “Ransomware victims are paying out millions a month. One particular version has cost them the most,” March 2020.
- gov, “Executive Order 46,” October 2020.
- The Wall Street Journal, “Voters Face a Complicated Election as the Pandemic Remakes Voting,” September 2020.
- World Economic Forum, “The Global Risks Report 2020,” January 2020.
- New York Times, “Ransomware Attacks Take On New Urgency Ahead of Vote,” September 27, 2020.