Ahead of the 2020 US presidential election, there are a number of cybersecurity threats looming. In an unprecedented year, we have already begun to see foreign interference, government agencies hit with ransomware attacks, the National Guard deployed by state and local governments to assist with securing election infrastructure and so much more. This is all compounded by the pandemic, which has created logistical challenges and complicated access to voting.
Voter confidence and the integrity of the election is on the line. How can election officials safeguard IT infrastructure, voter registration databases, and more?
As voters are heading to the polls, we hosted a live webinar. We brought together experts to weigh in on the state of election security, the evolution of threats and securing the vote for the 2020 election and beyond. The conversation featured:
Tom Kellermann, Head of Cybersecurity Strategy, VMware
Kevin Coleman, Executive Director, National Cybersecurity Alliance (NCSA)
Eric O’Neill, National Security Strategist, VMware
Lauren Harrington, Partner Solutions Manager, VMware
Here’s what the experts had to say.
How has cybersecurity changed in 2020?
There’s no doubt that the threat landscape has changed in 2020. The recent VMware Carbon Black Global Incident Response Threat Report found the election and COVID-19 have created the perfect storm for increasingly sophisticated cyberattacks.
“Criminals are now learning from espionage and buying information that spies leave behind and using that intel to launch their own attacks,” said Eric O’Neill.
O’Neill says the dark web, which World Economic Forum predicts will become the third largest economy by 2021, has empowered these cybercriminals. “This magnifies all of the damage we are seeing,” he added.
Cybercriminals are known for exploiting disruption. The global pandemic and upcoming election are no exception.
Kevin Coleman noted: “what we’re seeing is the continued communication, collaboration and continuity between bad actors, they don’t mind working together. Cybercriminals who were historically opposed to each other in so many ways including geopolitical, are now teaming up to work together for the common cause of penetrating private sector networks, government networks and manipulating elections.”
He stressed that security professionals need to do the same thing – collaborate – and “at a much higher rate.”
The rise of ransomware attacks
The first two weeks of September saw seven government entities hit by ransomware attacks and have their data stolen. These attacks jeopardise the integrity of the election by giving voters the impression that their vote will not be accurately counted. It also suggests that attacks have compromised voting systems.
Tom Kellermann shared, “we’ve seen a dramatic renaissance of ransomware over the past 18 months. We are now seeing a modular structure of ransomware with more than 14 built-in aversion techniques.”
O’Neill explained that ransomware has been around since 2013. “However, from 2013 to 2019, $140 million was paid in ransomware attacks according to the FBI.” A notable surge as cybercriminals cash in on holding critical data like voter registration databases hostage.
So, what are security pros saying about election security? The Global Incident Response Threat Report found that 73 percent of respondents believe there will be foreign influence on the 2020 US elections.
The distributed election system, local governments and municipalities, creates challenges for criminals looking to attack an entire network. Nevertheless, according to O’Neill, “spies and nation state actors can cause disruptive and damaging attacks on local and state elections. One of the problems is that many of our local election systems are still old tech and don’t have the best in show cybersecurity so they are certainly vulnerable.”
Time to rethink cybersecurity
This concerning threat landscape means it’s time that state and local governments rethink cybersecurity. In the VMware Carbon Black whitepaper Best Practices for Securing Critical Infrastructure for State and Local Governments, we highlight additional measures agencies can use to stay better secure. We also list some possible consequences of leaving vulnerabilities unaddressed.
For more insight on election security, catch the webinar on-demand: Cyber Insecurity: Securing the Vote in the 2020 Election.
To learn more about what security pros are saying about cyberattacks, foreign influence and more, download our latest Global Incident Response Threat Report: The Cybersecurity Tipping Point Election, COVID-19 create perfect storm for increasingly sophisticated cyberattacks.
This blog may contain hyperlinks to non-VMware websites that are created and maintained by third parties who are solely responsible for the content on such websites.
VMware Carbon Black is a leader in cloud-native endpoint protection dedicated to keeping the world safe from cyberattacks. The VMware Carbon Black Cloud consolidates endpoint protection and IT operations into an endpoint protection platform (EPP) that prevents advanced threats, provides actionable insight and enables businesses of all sizes to simplify operations. By analysing billions of security events per day across the globe, VMware Carbon Black has key insights into attackers’ behaviours, enabling customers to detect, respond to and stop emerging attacks.
More than 6,000 global customers, including approximately one-third of the Fortune 100, trust VMware Carbon Black to protect their organizations from cyberattacks. The company’s partner ecosystem features more than 500 MSSPs, VARs, distributors and technology integrations, as well as many of the world’s leading IR firms, who use VMware Carbon Black’s technology in more than 500 breach investigations per year.