The ransomware could be one of greater threats for the upcoming elections of USA, as the old software and potentially vulnerable voting machines could be targeted by criminals carrying out cyber attacks from abroad.
According to its global threat report NTT Ltd. for september, ransomware could develop and wait to be activated on election day or as soon as the voting machines are activated. It could even cause interruption of the voting process.
"Threats from ransomware or other types attacks in cyberspace for US elections, do not come exclusively from foreign governments", The report said. "The cyber attacks against their electoral infrastructure USA can be started by any criminal seeking financial gain".
NTT has claimed that the US election in November will include "a high level effort”In terms of maintaining security. Threats to the voting process could include: foreign interference, misinformation campaigns, possible changes in US postal service procedures, ransomware attacks, old technology (including hardware and non-up-to-date software), voter apathy - and especially this year - him fear of transmission of COVID-19 at polling stations.
"An online or physical attack electoral infrastructure, whether or not electoral systems or processes are linked, could potentially lead to general dysfunction of the electoral system, errors in the number of votes, delays in the results of the elections and incorrect election reports", The report said.
NTT claimed that its most important data security are the ones that will probably be targeted first by the attackers and the first line of defense "must be a secure and resilient US electoral infrastructure".
According to NTT, the threats are increased for two main areas:
Threats to campaign activities: The attacks in voter registration information could include breach or deletion of data, so that the potential voter is not registered and therefore unable to vote. Also, the installing a malware in a voter registration system could jeopardize the integrity of these data. Finally, the data of voters could be encrypted to demand ransomware or steal to be sold on the dark web.
Threats to election activities on election day: Direct Record Electronic (DRE) voting could be affected by a cyber attack (ransomware, etc.). In addition, election results are submitted electronically or via email on election night. An attacker could interfere in this process and influence the results.
Jake Moore, cybersecurity expert at ESET believes that interventions will be made and that the threats are many.
"The Ransomware is a major threat for all organizations, but the elections will arouse the interest of criminals from all over the world", he said.
"Ransomware is a real threat, but it is certainly not more likely than a DDoS attack or a breach data. Criminals will do what they can best do: look for vulnerabilities and gaps security to exploit them, hoping to make a financial profit from the US election".
The researcher, like NTT Ltd, said they should be done prompt updates and fix vulnerabilities in order to reduce the chances of a successful attack. Also, the education and sensitization (regarding the cyber security) of all those involved in U.S. elections and electoral processes, is essential.