In elections, it’s easier to hack a human than a device

As a close ally of Putin stated that Russia “interfered, interferes, and will interfere” in the US elections, DDoS attacks knocked several midterm election websites off. But hacking elections is not just about infrastructure – it’s about “hacking” the people who cast their ballots.

From the 2016 US presidential race to the 2022 midterms – threat actors are eager to take any opportunity they can to influence the political course of targeted countries. Recently, Yevgeny Prigozhin, a Russian oligarch who founded the Wagner Group private military company, admitted the Kremlin’s continuous attempts to interfere in the US elections.

“Gentlemen, we interfered, we interfere, and we will interfere. Carefully, precisely, surgically, and in our own way, as we know how,” he stated.

Yet, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) said that no existing reports show that cyber activity has ever compromised voting infrastructure or prevented a voter from casting a ballot.

Yet, in a separate statement, they warned of another threat to the integrity of the voting process: disinformation, misinformation, and troll farms (with a notable one linked to Prigozhin).

For Daniel Smith, the Head of Research for Radware’s Cyber Threat Intelligence division, which offers security solutions to companies, hacking elections is also not simply about infrastructure, whether that be ballots or even electoral systems. It’s about the minds of those who choose their candidate – and it’s about the ease with which these minds can be manipulated.

When it comes to elections, are the most significant threats coming from abroad or from within nation-states?

I personally believe it's coming from inside the country. Of course, foreign threat actors are out there, and they are targeting our [American] election system. Specifically, you have the Russians that have been targeting past elections. They are very active and they're very capable.

But citizens of the United States are [also] learning how to manipulate each other. And these tactics, techniques, and procedures are the ones used by nation-state threat actors as well.

How common is it for threat actors to try and compromise elections?

I think it's becoming more of a common thing. In previous years, we were told that nation-state threat actors are focusing on critical infrastructure. And we're starting to learn that critical infrastructure is very difficult to hack.

If you want to hack a voting booth, you'd actually have to go there physically. And when you start looking at the number of voting machines and how spread out they are across the United States, it becomes a very difficult thing to launch a physical attack against those devices. So instead, threat actors have been looking at using more social techniques. And that's what we're seeing currently with the midterms. It's something that we saw previously with the 2020 election and something that we will most likely see in the 2024 election.

What are cybercriminals trying to achieve when attempting to manipulate elections? Do they act independently or on someone’s behalf?

They’re trying to get their political opponent a favor. So in the 2016 election, they were hacking the Democratic National Convention. They were using that information, through controlled leaks, to ultimately undermine the authorities and also to control people's votes. So it's manipulation. And what we're seeing nowadays in the 2022 election and then the future 2024 election is that instead of actually hacking a device, it's easier to hack a human.

Now, there's limited information about how exactly these state-sponsored threat actors get their directives. But we do know from prior elections that actors were directed by the Russian government to target the United States.

Going into the 2024 election and current midterms, there are also China and Iran that can get involved in election manipulation. But we have not actually seen them do it. So we don't know if there's direction coming from their government or whether this is something they're doing proactively. But when we're speaking about election interference from a nation-state level, it's generally directed by the government to their nation-state hackers.

Now, from a citizens' level, it's really kind of up to whoever wants to create something. So if you have your crazy uncle who's on Facebook and has 10,000 friends, it's very easy for them to buy into misinformation and spread it.

And how hard is it to trace cybercriminals back to nation-states?

It's very, very difficult. It's something most people in the security community do not want to get into because there's a lot of attribution and legal things that go along with it. I'm not a huge attribution fan. I like to look at the impact of an attack and how to prevent it. Yeah, it could be criminal, but you know, you can find the boogeyman behind every corner if you look. And that's kind of the situation we have going on right now: we're desperately looking for nation-state threat actors targeting our elections, but instead, we're finding that our own people inside the United States are the ones actually manipulating and building that mistrust in our system.

The Republican-led Senate Intelligence Committee disclosed that the Russian government had engaged in an “extensive campaign” to help Donald Trump win the 2016 election. What happened back then?

You had nation-state threat actors from Russia targeting the US elections to help Donald Trump get into office. They were trying to get information out there that helped change the public's perception and opinion about Trump. And so what ended up happening is what we call voter manipulation, where they came in and tried to get people to vote for him instead of against him in 2020.

But we also were looking at Iran. They were targeting the election to discredit Trump, but also not for the benefit of Biden. So this is where it gets a little confusing. In that report, they were talking about how people can launch attacks against the opponent without supporting the other one, which happened in 2020.

I think voter manipulation has been going on since the beginning of time. It's just changing. Back in the day, you actually had to go to a town-hall meeting, or you had to go to some kind of a group in person to manipulate people. And now the ‘internet Pandora's box’ is open, right? You can communicate with so many people. We've gotten closer, but at the same time, we've pushed everybody so far apart.

According to the FBI and CISA, cyber activity has never succeeded in compromising the integrity of any ballots cast, nor has it ever prevented a registered voter from casting their ballot in the US. Is the American election infrastructure as secure as government agencies want us to think?

You know, it really depends on the way you look at it. I do think that our election systems are very secure. I mean, we can go through many, many reports from the FBI and CISA, as you said, and also the private industry as well. When it comes down to hacking elections, it's easier to manipulate the voter than it is the machines, so our systems are actually secure.

The CIA has been doing great work testing these devices. They actually found vulnerabilities in Dominion voting systems and worked to patch them, later stating that these were not exploited in the wild. The reason why I bring that up is to highlight how difficult it is to manipulate those devices. And if you're going to do this, you want to actually impact them. You'd have to have thousands of people together to have them go out and do it.

In that case, is it impossible for a threat actor to steal your vote?

It's possible for them to manipulate your vote. Yes, they can manipulate the population of the United States into voting one way or another. And that's why I think it's important for the human voter to validate information on their own and learn about the system rather than blindly trusting which party to pick. But the issue is how we get our information and filter out that information. You look at some of these far-left and far-right groups, which are very, very good at getting people to join their objective.

I generally advise the US voter to take their time and actually go through the information they're looking at. If they have an opinion, they should fact-check it themselves. I'm not telling them to lean either way politically. I'm just saying to take on all information and filter it out to make an informed decision.

More from Cybernews:

Hackers were interested in Australia long before Medibank and Optus breaches

Silverstone Formula One circuit posted on ransomware leak site

Some US state election websites knocked offline in DDoS attacks

Instagram hijacking scheme earns Michigan man years in prison

Twitter's ex-employee was asked to "track everywhere users go" by large telecom provider

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked