The Lockdown

Thycotic’s Cyber Security Blog

Hacking the US Elections: How Government Agencies Can Protect Themselves

Written by Joseph Carson

August 24th, 2018

The US midterm election campaigns are well under way, and the elections are expected to be held on Tuesday, November 6, 2018. This midterm election is significant as it will take place right in the middle of President Trump’s first term and will likely be an indicator of US citizens’ confidence in both the President and the Republican Party, which holds a majority in both the Senate and the House.

Foreign Voting Interference

With the Mueller Special Counsel still investigating foreign interference in the 2016 US Presidential Elections, all eyes are focused on any hacking or cyber-attacks that might occur during the upcoming 2018 midterm elections.  This is a dark cloud hanging over the current White House administration that wants to ensure confidence is restored.

One thing that’s clear, and is supported by Mueller, is that foreign interference has not stopped. Instead, it has become more aggressive, placing the integrity of existing voting systems under serious scrutiny.

A little further along in this post I’ll provide some details on an Election Protection Toolkit that Thycotic has created to help government agencies keep campaigns safe from hackers, but if patience isn’t your strong point, you can view and download the Election Protection Toolkit right away. It’s free.

The DEF CON Voting Village

During the recent Black Hat and DEF CON Conferences over 17,000 international cybersecurity professionals descended on Las Vegas, USA to share knowledge on the latest cyber threats, cyber-attacks and vulnerabilities, and to educate one another on the techniques cyber criminals use to bypass security measures taken by most governments and organizations globally.  The US midterm election and voting systems were a hot topic among security researchers.

DEF CON’s “voting village” demonstrated how voting systems that will be used in the upcoming elections could be easily hacked, causing disruption and invalidating the integrity of states that continue to use vulnerable and legacy systems.

Voting Systems Vulnerabilities and Risks

I was fascinated to learn that several US states that use electronic voting systems had repurchased them off eBay after some systems became faulty. Serious risks exposed during DEF CON highlight two potential vulnerabilities of these systems. One of them is the ability to flash the memory using the diagnostic JTAG port on the boards, which could enable vote tampering to occur; if a master system is tampered with, it could be used to replicate malware to the other systems used within the network, yielding the greatest impact.

In the opposite direction, when the votes are being counted, tampering with a single device at the edge of the network while the master is copying those results makes it possible to infect those systems with malware that could easily spread to other voting systems. Of course, this does mean that physical access to those electronic voting systems would be required to carry out such election hacks.

Fake News and Propaganda

Another method of “hacking” that is likely to have an effect on the outcome of the midterms is the use of propaganda, otherwise known as fake news.  This has the ability to cause unrest and harm the reputation of those who will be running for office.  It’s a serious issue, and Facebook and Twitter have been identified as two of the major social media platforms on which propaganda is distributed.  Not only has Facebook faced scrutiny for trending fake news, it also sold personal information from voters on what influenced them—this was disclosed as the Cambridge Analytica Incident.

Voter Information Stolen

Several states, including Georgia, have reported that they have been victims of data theft, with over 6 million voters having their voter information stolen.

Cyber criminals, nation states and even US campaign officials can use this data to influence voters in their favor.  It has been suggested that the best way to change an outcome is to influence the minds and decisions of others before the fact.

The upcoming US elections face some major cyber risks:

  1. Tampering with voting systems
  2. Fake news and propaganda
  3. Theft of sensitive information
  4. Unauthorized access to campaign officials’ email and systems

It appears that there are current, active cyber-attacks targeting each of those risk categories.

What is the US Government doing to help protect the future of voting and the democracy of the United States of America?

The state of West Virginia has embraced technology and will allow the use of Internet Voting.  This is similar to that used by the Estonian Government since 2005 and has proven to be a solid alternative to traditional methods of voting.  The system uses strong Identity and Access Management, Multi-Factor Authentication and Blockchain to maintain the integrity of the vote.  Estonia has been using Blockchain since 2002 to make it difficult to tamper with the history of Tax, Voting, and Health Data, to name a few.

Additional reading: Estonia is unconcerned about a possible Russian cyber-attack, president says

US Makes it Easier to Launch Cyber Attacks against Adversaries

Recently President Trump made it easier for the US to launch cyber-attacks using offensive cyber weapons against adversaries, and of course this comes just before the US midterm elections and at a time when cyber-attacks are actively ongoing. This is a public indication from the US government that anyone who carries out cyber-attacks or any other type of foreign interference with the US elections will very likely face retaliation.

Symantec recently stated that “Fewer than TEN countries have nuclear arms.  Every country in the world, in theory, can have cyber arms”.  So the race is on to create cyber weapons that can be used for damaging offensive capabilities to deter other countries from acting.  Many countries have already started permitting cyber offensive techniques that enable them to prevent cyber-attacks before they reach their own borders.

I am in favor of cyber offensive capabilities; however, my greatest challenge is being able to accurately attribute responsibility for an attack in cyberspace, and determining whether it was a misdirection to put political pressure on two or more countries. I know we have AI and other techniques, but I also know that cyber criminals have the ability to make it look like someone else committed the crime. And with cyber mercenaries on the increase, the only true way to determine attribution is to go back to the old method of having human spies confirm the attack happened, and that it was initiated by aggressive cyber countries.

Many countries are already committing cyber-attacks on a large scale, and the USA has been poor at responding to such attacks, for example the attacks on the DNC and OPM. My personal stance, however, is that cyber offensive should only be carried out by government agencies and not individual citizens.

Thycotic Releases its Cybersecurity Election Protection Toolkit to Safeguard Candidates Running for Office

Thycotic announced the release of its Cybersecurity Election Protection Toolkit in an effort to keep U.S. candidates and their staffs secure and safe from criminal hackers during the 2018 mid-term elections. With the release of its Election Protection Toolkit, Thycotic aims to help campaigns for federal, state and local elected offices prevent attacks on their credentials/passwords amid recent cyber threats by Russian hackers and other cyber criminals.

Thycotic’s Election Protection Toolkit directly addresses the typical methods used to attack campaigns such as cracking weak user passwords, getting unsuspecting users to download malware in phishing attacks, and stealing confidential communications. The Kit includes a free digital edition of Cybersecurity for Dummies along with a poster template for printouts to hang in campaign offices that will help educate staffers about what they can do to protect their passwords and safeguard their online activities. The Kit also includes an Incident Response Template, should a campaign discover it has been hacked.

Download the Election Protection Toolkit here.

“As a Washington, D.C. based cybersecurity provider, we have a firm pulse on what the government requires in terms of cybersecurity surrounding recent attempted hacks on candidates and government officials. With many in the U.S. House of Representatives and the Senate up for re-election in November, along with a host of newcomers on the political scene, our goal in offering this Election Protection Toolkit is to help ensure the integrity of our mid-term elections,” said Steve Kahan, Chief Marketing Officer at Thycotic.

In addition, the free Election Protection Toolkit includes links to online free tools, such as:

“These are some of the free resources that Thycotic offers to organizations seeking to protect their critical data assets,” Kahan added. “For individuals and committees managing campaigns, the Cybersecurity Election Protection Toolkit is a great starting point.”

