Election security concerns for state and local governments have not gone away during the coronavirus pandemic. In fact, they’ve only grown more urgent. Those concerns are mounting as states argue they do not have enough leeway to use the $400 million Congress appropriated for election security this spring, and “a coalition of more than 200 public-interest groups are pushing hard for Congress to include $3.6 billion for the 2020 election cycle in the next coronavirus relief bill,” as The New York Times Magazine reports. Some states are considering moving to online voting because of concerns about having residents congregate at polling places. However, that move is something security experts are strongly cautioning against because of cybersecurity vulnerabilities. The Guardian reports the Department of Homeland Security opposed such moves in a draft guidance, warning that casting ballots over the internet is “a ‘high-risk’ endeavor that would allow attackers to alter votes and results ‘at scale’ and compromise the integrity of elections.” The challenges posed by the pandemic are making a complicated security picture even more complex for state and local election officials. They need to remember all of the election security concerns that existed in January are still out there and are now more difficult to tackle — and they include malicious actors spreading disinformation and attackers targeting voting databases. All of those concerns need to be addressed between now and November.
Singapore: Political parties warned of cybersecurity threats, election interference | Eileen Yu/ZDNet
With general elections expected to be held within a year, Singapore’s political parties have been issued advisories about the threat of foreign interference and cybersecurity threats. They are urged to seek out precautionary measures to safeguard their ICT infrastructure, data, as well as online accounts. The city-state’s Ministry of Home Affairs, Cyber Security Agency, and Elections Department on Monday said there had been many reports of foreign interference over the past few years in elections overseas, including the French presidential and German federal elections in 2017 as well as the US mid-term and Italian general elections in 2018. These were attempts by foreign actors such as other countries, agencies, and individuals to assert influence over elections in a sovereign state, said the Singapore government agencies. “Singapore is not immune and we need to guard against such nefarious activity as we head towards our own General Election, which must be held by April 2021,” they said.
National: Cyber Warfare Doesn’t Take a Break During Coronavirus Season; US Health Agencies Are Fending off DDoS Attacks and Disinformation Campaigns in the Midst of a Pandemic | Scott Ikeda/CPO Magazine
Unfettered by social distancing measures or economic concerns, cyber threat actors are taking full advantage of opportunities created by the coronavirus pandemic. United States health agencies are being tested by distributed denial of service (DDoS) attacks and social media disinformation campaigns as they scramble to respond to an unprecedented viral outbreak, and these attacks are thought to be backed by a hostile foreign government. A large-scale DDoS attack was directed at the U.S. Health and Human Services Department sometime around March 15. A spokesperson for the National Security Council stated that the attack did not do any substantial damage and that the networks are being “continuously monitored” to mitigate any future attempts. The DDoS attack involved millions of requests on the health agency’s servers over a period of several hours. A Health and Human Services spokesperson indicated that the government does not know who was behind the attack, but suspects a foreign government. The DDoS attack did not involve any network compromise, nor did it significantly slow down operations. The spokesperson indicated that the agency has put unspecified “extra protections” in place going forward.