Democralypse Now? US election first battle in new age of cyberwarfare

CIA said to blame Russia for voter database hacks

Hacking attempts against more than 10 US state election databases have increased fears about Russian efforts to disrupt or influence the 2016 presidential election.

Cyberattacks against voting databases in Arizona, Illinois and at least eight other states have only heightened concerns in the wake of the hack and subsequent leak of emails from the Democratic National Congress.

The US government has not shied from pointing the finger of blame firmly towards Moscow as previously reported. The Russian government "directed the recent compromises of emails from US persons and institutions," the Department of Homeland Security and the Office of the Director of National Intelligence alleged earlier this month. US security agencies are publicly accusing Russia of trying to interfere with the election process after allegedly escalating from cyber-espionage to cyber-sabotage.

Federal officials suspect Russian hackers tried to breach a contractor for Florida's election system, exposing voters' personal information in the process, CNN reports.

Amid these heightened tensions, the CIA is reportedly preparing for cyberwar against Russia, or at least looking into scenarios for a conflict largely fought in the arena of public opinion, where leaks of sensitive information on rival political elites are the weapons of choice.

Spin cycle

Accusations are flying left, right, and centre as experts urge calm assessment and caution. Tod Beardsley, senior research manager at Rapid7, likened attempts to hack the election system to the routine scanning and probing of corporate networks.

“There is wide speculation around the current ‘probing’ activity directed at online voter registration sites,” he said. “In isolation, this might seem alarming. However, all online systems are ‘probed’ all the time. Automated and routine vulnerability scans of internet assets is a normal part of online weather, is sourced from all over the world, and is well understood by experienced IT security practitioners.”

Even if voter record databases were corrupted then the effect would be disruptive rather than disastrous, according to Beardsley.

“If online voter registration records are vandalised on election day in order to deregister otherwise legitimate voters, polling places can and will fall back to the paper-based provisional balloting system guaranteed by the Help America Vote Act of 2002 (HAVA). So, while an outage of voter registration records would certainly be inconvenient, it would not prevent the election from taking place. It just wouldn't be worthwhile in terms of effort, cost, and risk to attack elections this way, given the ease of local recovery through provisional balloting."

Vote early, vote often

The presidential election is now only two weeks away and this has served to heighten speculation – present during every recent election cycle – over the possibility of someone "hacking the election".

Hackers have been threatening to steal voting results data as well as voters’ personal information. The MIT Technology Review concludes that “voter registration information” is more at risk than your ballot.

Tim Erlin, senior director of product management at Tripwire, said the 2016 US presidential elections are the “first major election where foreign cyberattacks have been discussed as a material threat”, something he expects to become the norm.

“There’s no more business as usual when it comes to cybersecurity and US elections,” Erlin said. “The United States is going to have to come to grips with a future where electronic interference in elections by foreign powers is standard operating procedure.”

Even apparently minor problems in election systems need to be scrutinised closely.

“The information security community has learned over and over that the first discovery of a breach never uncovers the full scope,” Erlin warned. “We should apply that lesson to any election related compromises as well. There’s likely more to uncover here as well.”

Robert McFarlane, head of labs at Head London, commented: “The levels of hysteria and hyperbole have been the highest of any US election in living memory, but it’s certainly not inconceivable that we could see some high-stakes hacking. However, I’d suggest the underlying reasons behind this would be geopolitical: these elections have made the US look weak on the global stage and Putin desperately needs to deflect from the Syrian campaign. As such, a Russian-sponsored hack would serve to humiliate and destabilise an already shaky America.

“Of course, it also doesn’t help that Trump’s babbling rhetoric actively appears to invite outside interference to help secure his victory – or at the very least call a defeat into question. There are, clearly, a great many ways a hack could backfire on Trump, as well as the sponsor – whether that’s external or domestic. In fact, being able to point the finger of blame at the Russian Federation (or any state they don’t like) would be a convenient win for the Yanks by further isolating the perpetrator as an aggressive opponent of democracy.”

Democralypse Now?

Rapid7’s Beardsley has published a detailed blog on the hacking threats facing the US election system here.

The US election system is “massively complex” and “appears to embody the absolute worst practices when it comes to information security”, he writes.

There are cleartext, internet-based entry points to the voting system. There is an ageing installed base of voting machines running proprietary, closed-source code, produced by many vendors. And there is a bizarrely distributed model of authority over the election, where no one actually has the power to enforce a common set of security standards.

Despite this assessment, Beardsley is inclined to downplay the widely discussed hacking threat against voting machines. “It is possible that foreign hackers could infiltrate voting machine software, and therefore cause votes cast for one candidate to be counted for another,” Beardsley said. “However, such an attack is literally incredible. Voting machines in the US are never [as far as we are aware] directly connected to the internet on Election Day, which means the attacker would need to get at the machines well before November 8, while the software is being written or loaded on to the machines.

“While this sort of infiltration is possible, such a campaign would require formidable espionage assets, have a high risk of being detected before the election, and the effects would be noticeable in bizarrely inaccurate exit polling during and after the election.”®

Similar topics

Other stories you might like

  • Software Freedom Conservancy sues TV maker Vizio for GPL infringement

    Companies using GPL software should meet their obligations, lawsuit says

    The Software Freedom Conservancy (SFC), a non-profit which supports and defends free software, has taken legal action against Californian TV manufacturer Vizio Inc, claiming "repeated failures to fulfill even the basic requirements of the General Public License (GPL)."

    Member projects of the SFC include the Debian Copyright Aggregation Project, BusyBox, Git, GPL Compliance Project for Linux Developers, Homebrew, Mercurial, OpenWrt, phpMyAdmin, QEMU, Samba, Selenium, Wine, and many more.

    The GPL Compliance Project is described as "comprised of copyright holders in the kernel, Linux, who have contributed to Linux under its license, the GPLv2. These copyright holders have formally asked Conservancy to engage in compliance efforts for their copyrights in the Linux kernel."

    Continue reading
  • DRAM, it stacks up: SK hynix rolls out 819GB/s HBM3 tech

    Kit using the chips to appear next year at the earliest

    Korean DRAM fabber SK hynix has developed an HBM3 DRAM chip operating at 819GB/sec.

    HBM3 (High Bandwidth Memory 3) is a third generation of the HBM architecture which stacks DRAM chips one above another, connects them by vertical current-carrying holes called Through Silicon Vias (TSVs) to a base interposer board, via connecting micro-bumps, upon which is fastened a processor that accesses the data in the DRAM chip faster than it would through the traditional CPU socket interface.

    Seon-yong Cha, SK hynix's senior vice president for DRAM development, said: "Since its launch of the world's first HBM DRAM, SK hynix has succeeded in developing the industry's first HBM3 after leading the HBM2E market. We will continue our efforts to solidify our leadership in the premium memory market."

    Continue reading
  • UK's ARIA innovation body 'hasn't even begun to happen' says former research lead

    DARPA imitator not doing much after two years of Johnson government

    Updated The UK's efforts to copy US government and military innovation outfit DARPA are stalling, according to a leading figure in research and development.

    Appearing before the Science and Technology Committee, Sir John Kingman, former chair of UK Research and Innovation, told MPs this morning that ARIA – the Advanced Research and Invention Agency – was a good example of departmental research spending that could be cut, sidelined or delayed.

    "A very high-profile example would be ARIA, which has been this big plan for the Boris Johnson government, and yet here we are a few years into the Johnson government and it still hasn't even begun to happen," he told MPs.

    Continue reading

Biting the hand that feeds IT © 1998–2021