The security risks surrounding the US presidential election in November 2020 are not limited to direct attacks on systems voting. Cybersecurity company Area 1 Security published a report in the Wall Street Journal warning that many election officials were using systems e-mail leaving them exposed to phishing attacks and violations. From more than 10.000 state and local officials, about 53% had only elementary or non-standard defenses against phishing. Only the 18,6% had developed advanced defenses and the 5,4% used personal email addresses.
In addition, some competent services in Maine, Michigan, Missouri and New Hampshire used a faulty version of Exim, a software that is free but has also been targeted by hackers of GRU funded by Russia, for cyber attacks, from 2019.
However, security researchers have said that the weak security of an email is unlikely to lead to piracy, as email systems are not linked to vote counting systems.
But there are concerns that local election officials may be prepared for possible intrusions into their electronic systems during the 2020 US election. THE CRANE, who was accused of stealing and leaking emails from the presidency campaign of Hillary Clinton in 2016 and 2018, had created a web domains imitating government web addresses with the aim of carrying out phishing attacks.
Of course, this would not necessarily allow hackers to jeopardize the voting process. J. Michael Daniel of the Cyber Threat Alliance told the Wall Street Journal that it would be very difficult to handle the votes effectively. However, ransomware and others malware Phishing-based campaigns could make it difficult for election administrators to do their job, and therefore cast doubt on the results, even if the voting infrastructure is considered secure.
According to information, the Russia and other countries have tried to deceive high-profile targets in 2018. It is difficult to rule out similar campaigns in 2020, especially against an electorate that does not have the same resources to protect itself. It may take a long time for email security to become strong.
Already this year, foreign hackers have targeted the personal email accounts of people working on the campaigns of Democratic nominee Joe Biden and President Donald Trump. China's state hackers also tried to hack the emails of members of Biden's campaign, while Iranian hackers tried to hack emails of members of Trump's campaign. THE Google, which reported the attempts, said in June that it had found no evidence that the attacks were successful.