Spamming post offices with letters that feature a specific bar code to reset sorting machines. Creating fake reports that immigration and enforcement officers would hit certain polling places. Hacking into a COVID-19 test database and increasing the number of positive cases.
In a simulation of potential election security issues held this week, traditional hacking had a minor role. Instead, the red team — a group of faux attackers made up of security professionals, election experts, and law enforcement — focused on undermining confidence in the election and reducing turnout. From spreading misinformation about new outbreaks to finding ways to hamper the processing of mail-in ballots, the attackers found inexpensive ways to undermine faith in the most basic democratic institution: voting.
As the exercise progressed, the red team showed that, if the aim is undermining faith in the election and not necessarily swinging the election toward a single candidate, the goal is quite achievable, says Maggie MacAlpine, co-founder of cybersecurity consultancy Nordic Innovation Labs and one of the red team participants in the exercise, run by endpoint protection firm Cybereason.
"There is this creeping sense of uneasiness [because] none of what we did was very expensive," she says. "Most of the attacks we proposed don't cost anything. Putting out a tweet that shows a crowded hallway and claiming it is certain polling place, that's easy."
Mounting ConcernsWith 74 days until the US presidential election, election security has become a critical worry, especially as states attempt to adapt to the realities of holding an election during a pandemic. The concerns have been heightened by disinformation attac ..
Support the originator by clicking the read the rest link below.
