2020 Predictions: Election Security

David Richardson, senior director of product management, Lookout
2020 Election Hacking Will Focus on Mobile – As cyber attacks have evolved to target mobile devices because of their nature and form factor, so will cyber attacks in the 2020 Presidential Election. Spear phishing campaigns are moving beyond the traditional email-based phishing attacks we saw in the 2016 election cycle to advanced attacks that involve encrypted messaging apps, social media and fake voice calls. Before the next election is over, we will likely see some kind of compromise as the result of a social engineering or mobile phishing attack, particularly as presidential campaigns embrace mobile devices in their canvassing efforts.

Jamil Jaffer, VP of Strategy and Partnerships, IronNet CyberSecurity
Election security is already top of mind for voters – I certainly expect some significant degree of election manipulation, but I don’t expect direct vote manipulation—at least not the kind of vote manipulation that affects the outcome of an election—for a number of reasons.  First, it is very hard to do at scale and requires fairly close-in access to systems. In addition, the systems we use for voting and the software they utilize, are fairly diverse even if they are made by a small number of manufacturers; and at least some jurisdictions are now employing systems that have some significant measure of paper backup and/or auditing (and more to come).  Finally, I think most nation-states understand—and may very well be deterred by the fact that we are almost certain to respond fairly swiftly and aggressively to any actual attempt to manipulate votes in a major election.

At the same time, there is certainly very high likelihood that we’ll see a lot more of what we saw in 2016, including efforts to undermine candidates, parties, and confidence in the system as well as to create discord and dissent between groups and individuals in the electorate.  Likewise, we may see attacks against vote databases, including through ransomware, that is designed to either extract revenue or to undermine confidence in our voting system. These types of attacks—which can be partly mitigated by the use of provisional ballots as created by the Help America Vote Act—can still achieve the goals of attacks.  Ultimately, these nation-state actors—Russia principally, but possibly including China, North Korea, and Iran—seek to create uncertainty and undermine people’s confidence in the system.

Ed Skoudis, SANS instructor and RSA Conference Advisory Board Member
“We will see an enormous number of claims of election tampering through cyber means, including social networking manipulation, voting machine compromise, and other forms of fraud. In the run-up to the US elections in November, both sides will raise increasing warnings of such problems, but little concrete action will be taken. That will lead candidates who lose in November to claim the fundamental unfairness of the situation, resulting in actual reforms occurring in 2021 or beyond (e.g., Lots of complaining and moaning with no real action until 2021.)” –

Casey Ellis, chairman, founder and CTO, Bugcrowd
Elections: Cybersecurity is a citizen problem. New media and western democratic processes will collide on the cybersecurity battleground. The combination of a higher percentage of digitally-native, first-time voters; an increased reliance on connected systems for registration, tallying, and voting itself; and the wide knowledge and sharing of Russia’s disinformation playbook from 2016 indicates to me that we’re in for a wild ride through the 2020 elections — not just in the U.S., and not just with Russia as a potential aggressor.

Much of the voter narrative on election security focuses on the cybersecurity elements. In 2020, this will drive a rapid increase in the consumer demand for vendors and governments of all types to demonstrate accountability for the measures they’re taking to keep the data and processes of their customers confidential, integrated, and available.

The good news is, we’re already seeing a move in the right direction with the call for vulnerability disclosure programs across agencies, which would allow whitehat hackers to help surface flaws in election websites and applications in lead up to and through the elections.

Kirsten Ashbaugh, Threat Analyst, ZeroFOX
We expect Russia may modify its election interference tactics based on the attention towards social media disinformation, focusing less on bots and fake personas and more on a traditional IO campaign using a myriad of state-owned media properties.

We believe other actors, foreign and domestic, will copy aspects of the Russian playbook in 2020 with a combination of disinformation and social-media amplification (bots and other fake personas). The addition of other actors will make it more difficult to attribute disinformation campaigns writ-large.

Russia and other disinformation actors will likely continue to capitalize on underground sites to spawn disinformation campaigns and conspiracy theories, making it difficult to find origins via social media.

Governments may have difficulty fighting against disinformation, especially with the involvement of local actors, which can present legal restrictions and accusations of free speech suppression. This means private organizations, research organizations, and social networks need to be involved and coordinated to assist in ensuring voters have the correct and necessary details to make informed decisions.