Russian and Iranian hacking threats highlight need for election cybersecurity

Cybersecurity issues have been on the front pages of newspapers and news websites as the November 3 United States Presidential Election draws closer and millions of Americans cast their votes. In particular, the FBI reported that a Russian hacking group infiltrated and accessed the voter data of two local government jurisdictions, amongst other targets, according to NBC News. Iran has also been accused of accessing voter registration information and using it to send threatening emails to potential voters. Both nations deny the allegations. 

An ongoing threat
The Russian cyberattack was attributed to a group known as either Energetic Bear or Firefly, an organization known to have links to the Russian government.

While the stolen voter data was perhaps the most significant known breach, the FBI warned that the Russian hackers were targeting other groups as well, including "U.S. state, local, territorial, and tribal government networks, as well as aviation networks." In fact, government officials are unsure if the hackers were even specifically targeting voter data.

"We're not aware of any activity that would put them in a position to come anywhere near a vote… we don't have any reason to believe they were election infrastructure pr election-related information," said Department of Homeland Security Cybersecurity and Infrastructure Security Agency director Chris Krebs, as quoted by the news source. 

Ultimately, the FBI does not at this time believe that the breaches will impact the actual results of the election, according to NPR.

While the goal of Russia's data breach is unknown, Iran has already used their stolen data in an effort to intimidate and confuse voters. Some voters in the swing state of Florida received threatening emails instructing them to switch party affiliations. The emails were purportedly sent by the Proud Boys, a far-right American militia group, but were in fact sent by Iranian operatives, according to Director of National Intelligence John Ratcliffe.

Although it is unclear how Iran was able to access state voter information, the process may have been easier than it was for Russia's hackers. NBC News reported that Florida is one of several states that allows public access to some of its voter information, including party affiliation, with a request.

According to John Hultquist, a cybersecurity analysis for the company Mandiant, demonstrates a new level of cyberattack for the Iranian government.

"This incident marks a fundamental shift in our understanding of Iran's willingness to interfere in the democratic process... while many of their operations have been focused on promoting propaganda in pursuit of Iran's interests, this incident is clearly aimed at undermining voter confidence," Hultquist said, as quoted by NBC.

Once alerted of the threat, Google was able to stop about 90% of the fraudulent emails using a spam filter, according to a spokesperson. 

Boosting cybersecurity 
On Capitol Hill, meanwhile, two Senators, Maggie Hassan of New Hampshire and John Cornyn of Texas, reached across party lines to introduce a bill aimed at expanding the National Guard's ability to assist state governments' cybersecurity efforts. The bill is a response to current limits placed on the National Guard and how they can assist states, according to GCN.

Cornyn and Hassan's bill comes as three states have already called upon their National Guards to assist with election cybersecurity. In Delaware, the state's National Guard Cyberspace Operations Squadron has begun to work with its Department of Technology and Information to make improvements on its infrastructure and address potential vulnerabilities. The National Guard's team consists of about 20 members who have been authorized to make changes to the Department of Technology and Information's current cybersecurity program, according to Delaware National Guard Affairs Director Bernie Kale. The partnership was made possible by an executive order from the state's governor, John Carney, on October 15, 2020.

In Colorado and Washington state, meanwhile, extra cybersecurity work fell to a National Guard Cyber Defense Force, and the 194th Wing of the Air National Guard, respectively. A colonel in the Washington Air National Guard described the state as taking an "avante-garde approach" to election cybersecurity, that includes calling on its own hackers to test for vulnerabilities.

The cyberattacks in the lead-up to the 2020 election are not without precedent. According to NPR, both the FBI and Department of Homeland Security have been putting up bulletins about the risk to election infrastructure for several months. The attacks are also a callback to similar efforts by Russia leading up the 2016 election, when hackers attempted to infiltrate election systems in every state in the country, according to The New York Times.

Government agencies aren't the only organizations that need to look carefully at their cybersecurity protocols and infrastructure. Luckily, Perle Systems is here to help. To learn more about what Perle can do for you, read some of our customers' success stories.