While the 2016 presidential election race is a central focus in the U.S, the chaos surrounding it creates an ideal environment for online espionage and cybercrime. By observing the attention the media is putting on the elections and paying close attention to buzz words, cybercriminals may be looking to exploit this for their gain. In the mass wave of election attention, the number of threats and scams grows as attackers piggyback on the flurry of political communications with voters and election officials. These can include scam phone surveys and emails designed to collect personal voter information, similar to 2012 efforts to do so. On top of this, there is a worrying lack of expertise at the help as the Department of Homeland Security has recently been criticized for the lack of cybersecurity experts on the newly created Election Cybersecurity Committee.
A brief look at the cybersecurity threats the FBI has on its hands as election day draws near
The FBI has expressed concerns about the U.S. voting system being a target for cybercriminals and is working on solutions for the government. The director of the FBI, James Comey, addressed this concern when he spoke to government and private industry experts recently. Comey expressed these concerns shortly after the news was released about the FBI’s warnings that hackers had already breached the Arizona board of election with plans to target another. Senate Minority Leader Harry Reid blames the Russian government for threatening to tamper with the presidential election.
Election scams you should be aware of
American voters should be on alert for election scams as the big day on November 8th draws closer. Cybercriminals can pose as representatives from your local Republican or Democratic office asking for contributions to the election. It is easy for someone to create a false phone number or email address to deceive voters to thinking they are receiving legitimate communication from a political office. If you receive unsolicited political phone calls this election season, make sure you ask for the organization’s name and number and verify the information with the Better Business Bureau (BBB) before making any contributions.
Voter registration scams are another threat to be aware of which involves someone calling or emailing you to re-register if you have not voted since the previous presidential election. Some emails make claims that names of non-voters have been removed from the voter registration list in order to gather personal information cybercriminals can use to steal identities. Familiarize yourself with the rules on your local official election website so you do not fall victim to a scam.
Election survey scams are another way voters are being targeted for their personal information. In this type of scam, criminals claim they are conducting political polls or surveys on behalf of one of the major parties. Those involved in this scam offer incentives for answering questions about the election. The scam comes in when the caller asks for credit card information to cover fees for rewards for participating in the survey.
How do threats against voter registration systems affect the election?
On August 29th it was announced that alleged Russian hackers targeted voter registration systems in the states of Arizona and Illinois. The threat had been noted as credible and significant according to the Washington Post. The Arizona Secretary of State, Michele Reagan, shut the state’s voter registration system down for almost a week because of the threat. This shutdown may have prevented the election system from being compromised as hackers were not able to penetrate the state system. However; the username and password of an election official in Gila County had been compromised. The FBI did not confirm if the attackers were rogue criminals or employed by Russia.
Officials in Illinois noticed an intrusion in their election system in July. The attackers were not able to alter anything, however; the intrusion marked the first time a state voter registration system had been compromised. The director of voting and registration in Illinois said the attack was sophisticated and likely came from a foreign country. The percentage of voter records the hackers were able to obtain was small. Both the FBI and Department of Homeland Security were involved in the investigation of the attack in Illinois, which also shut down its voter registration system for a week to prevent further intrusion.
What are the risks of voter registration information being leaked?
Until this year, foreign hackers have not shown much interest (or had success) in attacking the U.S. voting systems. If a foreign entity was able to gain access and tamper with voter information, the attack would greatly damage the integrity of the U.S. election system. There is fear that as a result of any tampering with the election registration system, some voters would likely choose not to vote due to lost trust in the accuracy of the election system.
Although both states experienced some voter information being deleted, the vice president of operations for the Center for Internet Security, Brian Calkin, is more concerned about attackers altering, modifying, or deleting voter information stating “that’s where the real potential is for any sort of meddling in the election.” If an attacker successfully gained access to information in a voter database, votes could be manipulated by “stuffing the box” in favor of one candidate over another. Additionally, voter’s personal information such as address, ID numbers, and driver’s license numbers could be compromised and used for malicious activity such as identity theft.
Is there anything the average American citizen can do to help or keep their voting information safe?
The best action a concerned voter can take is to stay alert for election scams and contact their state officials in charge of the voting registration system and express concerns over cybercriminals stealing their voter information in the event of a cyber-attack. Unfortunately, there is little the average American can do to protect their voting information that is stored in election databases. Voters are at the mercy of the level of security of the voter registration and election system in the state they live in. Fortunately, Arizona and Illinois are only two of five states that have a fully electronic voter registration system while others still use paper trail systems which are more secure as they are less susceptible to cyber-attacks. Needless to say, the FBI and DHS will have their hands full through election day as they fulfil their responsibility to secure the American voting system from outside attack.