Many establishments forego maintaining a cyber war room for elections, deeming it unnecessary
In the lead-up to the 2020 presidential election, the federal government has placed a greater emphasis on the electronic component of voting. This heightened focus comes amidst a series of cybersecurity concerns and threats.
Microsoft, in a research publication released in September, highlighted increased efforts by foreign activity groups, including Russia, China, and Iran, to target the election. The company has observed hacker operations from three primary groups: Strontium, Zirconium, and Phosphorus.
Over the summer, Microsoft disrupted a global phishing campaign, which led to widespread credential theft. Russia-based Strontium, involved in the 2016 election, has evolved its strategies to disguise credential harvesting attacks. Meanwhile, China-based Zirconium was behind thousands of attacks between March and September this year, using web beacons to gauge active users.
Microsoft was granted permission to disrupt Iran-based Phosphorus' operations by taking over 25 internet domains it used. To date, Microsoft has used this method to take control of 155 Phosphorus domains. The domain used by Zirconium operators isn't malicious but serves as a means to evaluate targets.
A ransomware alert has been issued by federal agencies, with Q3 2020 experiencing an increase in ransomware attacks, specifically Ryuk. Bill Conner, CEO of SonicWall, stated that governments paying ransoms made them vulnerable to cyberattacks.
The latest technological developments are almost irrelevant if security is absent from an organization's culture. Kelvin Coleman, executive director at the National Cyber Security Alliance, stated that if one is connected to the internet, they are at risk. Coleman emphasized the importance of basic security measures, such as strong passwords, in reducing risk.
The overlap of public and private sector information sharing is inevitable during an election, according to Coleman. A Morphisec survey found that nearly two-thirds of government employees are worried about a cyberattack on candidates, political parties, and voting infrastructures influencing the presidential election.
The Department of Homeland's cyber "war room" was established for the 2018 midterms, but many organizations do not have the same 24/7 election watch. Attackers, according to Gorelik, resort to manual trial and error methods even when domestic tools are intercepted.
Conner stated that everyone is very sensitive to the interdependency of government right now. He emphasized the potential vulnerability of governments paying ransoms, making them targets for future cyberattacks.
In conclusion, the 2020 election is facing a myriad of cybersecurity threats, with foreign activity groups and ransomware attacks posing significant risks. It is crucial for all organisations to prioritize cybersecurity and implement basic measures to protect against these threats. The interdependency of government and private sector information sharing will be vital in the fight against these cyber threats.
Read also:
- China's Automotive Landscape: Toyota's Innovative Strategy in Self-Driving Vehicles
- Tesla's Autonomous Taxi: Human Intervention in AI-Driven Vehicles Unveiled as Controversy
- Network Monitoring Tool: Snort - an open-source Intrusion Detection System for data communications and networking
- HPV Link to Breast Cancer, Risk Factors, and Ways to Prevent It
