The recent US election has officially come to an end, with President-elect Donald Trump as the winner. As voting day drew near, though, we consistently heard stories about whether the election had been tampered with by the Russians, and about the threat of online or cyber-based attacks that could call into question the integrity of the election and of the voting process itself.
Firstly, we need to ask whether voting machines themselves can be subject to tampering or compromise. The answer, unfortunately, is yes. Particular states in the 2016 election, such as New Jersey, Delaware, Georgia, Louisiana and South Carolina, were cited as using digital voting systems that register a citizen's vote without a paper trail. The problem here, however, is that these machines are often quite old and run outdated, easily compromised software that can be subjected to tampering via methods such as the Dragonfly / Energetic Bear hack. This form of malware was cited as being used against security, energy and oil companies for a lengthy period before being spotted. This, however, would require the attacker to use a Remote Access Tool to gain initial access and then install malware, or steal whatever data of value they choose. How easy could this be? Well, it depends on whether the machine has accessible USB ports or other open ports that are either ignored or cannot be disabled against external devices. Thus, potentially, one could go in to vote, covertly plug in an infected USB key while voting, then go home, access the machine remotely, and just tap the vote box for their preferred candidate and "stuff" the ballot box.
Alternatively, as we have seen from Mirai, DDoS attacks could be used in an effort to slow, frustrate and skew the perception of the election, with about 5 states having an online voting system that could be overloaded with traffic. But again, 5 states out of 50 isn't quite enough to swing the election heavily in favor of one candidate (or at least not these
Instead, US officials are actually quite optimistic about how unlikely such an attack is. Many of the Election Management Devices (EMS) in use are not connected to the internet at all, and instead store information and transmit it to the main server on flash memory, so infected media would have to be physically delivered in order to spread the infection further and undermine the credibility of the votes. Furthermore, attacks that try to keep voters from learning results, or that take down Google Maps and leave potential voters lost as to where to cast their ballot, were seen as either improbable or too small in scale to have huge repercussions. The defenses in place on Google, Yahoo, Apple and Facebook maps are likely reinforced because of the sheer scale of the information that has to be kept up to date and maintained.
No, unfortunately, the real attacks are coming after the election, via more popular techniques such as spear-phishing. Hours after Trump's victory, the DNC was subject to a foreign attack using the traditional methods of compromised macros plus steganography-obfuscated malware dubbed PowerDuke, targeting unsuspecting or high-profile members with clickbait email titles.