Published 04/11/2016 | 21:34
Cyber attackers could launch a “nightmarish” assault on the US when the country goes to the polls on November 8, security experts have warned.
As the the final days of the campaign rattle past and the US presidential race of 2016 nears its crescendo, experts have warned that the high profile hacks and accusations of fraud could be far from over.
Fears that the election will be the target of a cyber attack have been heightened in the last fortnight by two major assaults online, which took down hundreds of popular websites, including Netflix and eBay, as well as Liberia's entire internet.
Internet sleuths have already surfaced damning information about both candidates. For Donald Trump, it was a raft of tapes that show the Republican candidate making sexist remarks about women. On Hillary Clinton’s side, leaked emails revealed questionable communications with the Department of Justice and tensions within the Democrat Party’s campaign.
And there could be more to come. In the worst case scenario, attackers could launch a multi-pronged assault, tampering with voting machines and the electoral process, leaking more documents - true or false - that tarnish one of the candidates, and taking swathes of websites offline that provide vital information about the voting process and results.
Here are some of the ways that hackers could interfere with the election.
Tamper with the voting process
In the run up to the US election, 10 states reported that hackers had probed or breached their systems. This sparked concerns about the security of voting technology, as the Department of Homeland Security urged election authorities to contact it for help assessing and bolstering their systems.
But despite fears, a hack on the voting system itself is not very likely. The voting system in the US is an “aging”, “massively complex tangle of technology”, according to security researchers at Rapid 7, which actually protects it from a large scale attack. Like in the UK, most votes in the US are cast on the day using a paper ballot.
A small number of states, however, do use some electronic systems which could be manipulated. As an example, some 32 of the US’ 50 states use email and fax, both widely regarded as insecure systems, to send and receive votes cast ahead of the election. These votes could be intercepted, or the system could be injected with fraudulent votes cast by fake identities.
Five states also have online voting systems. Here, a "distributed denial of service" (DDoS) attack, which takes computer networks and websites offline, could leave online ballots temporarily unreadable. A DDoS attack could also target voter registration systems, which are connected to the internet, to disrupt the voting process.
Both these attacks would require quite a lot of effort for not much reward, given that the five states with online voting are safe states and that the proportion of people who email or fax their votes is fairly low.
Leak (dis)information about the candidates
Ahead of election day, more documents discrediting one or both of the candidates could be released. Security and intelligence experts have warned that it is “very likely” hackers will continue attempts to influence the outcome of the election by spreading illegally accessed and false information.
“The biggest concern for an attack would be the release of damning material released prior to the election,” said Travis Farrall, the director of security strategy at security company Anomali. “This could actually sway the election in favour of a particular candidate which may not have been the case if the material hadn't been released.
Using leaked and fake documents to influence the result would be easier than compromising the election process itself, given that the majority of voters will cast paper ballots, Farrall said.
Following the leak of Clinton’s emails, some of which were tampered with and then spread online, intelligence officials and US Government officials said: “It is imperative that we focus on the broad disinformation that is already underway. What is taking place in the United States follows a well-known Russian playbook.
“Altering stolen documents and introducing them to the public is not the stuff of spy movies. It is a proven Russian tactic of Russian intelligence, and we expect it will happen here.”
Stop voters from getting to the booth
A cyber attack that took down some of the internet’s most popular websites at the end of October is widely suspected to have been a trial run for a bigger attack that could be coming next week.
In one doomsday scenario, spelled out by Silicon Valley entrepreneurs on Twitter, hackers were said to be plotting an attack on websites that will be key in getting voters to the polls, including map apps and voter information sites.
“Good chance of major internet attack November 8. Many groups have the ability and incentive. Maps outage alone could easily skew the election,” said Adam D’Angelo, chief executive of Quora and former chief technology officer at Facebook. “Last Friday’s attack should be enough evidence. Print out directions so you can vote/campaign without internet.”
The prospect seems more realistic than it may have a fortnight ago after hackers proved they could knock out swathes of sites including Twitter, Spotify, CNN and more in one fell swoop using an army of infected webcams and other smart devices called the Mirai botnet.
The Mirai botnet was also employed to take down the internet in Liberia numerous times over the course of the last week.
"Over the past week we've seen continued short duration attacks on infrastructure in the nation of Liberia," said Kevin Beaumont, a computer security expert. "The attacks are extremely worrying because they suggest a Mirai operator who has enough capacity to seriously impact systems in a nation state."
If a similar attack was launched against websites involved in the voting process it could prevent thousands of people from casting their vote, and at the same time generating fear that the election has been compromised.
The US Election Assistance Commission pointed to a statement that said: "Election officials are aware of the threats, do not take them lightly and are constantly adapting their processes to address new and emerging threats."
The greatest risk, according to the Commission, is to the voter registration system, which are connected to the internet. "Officials monitor logs, have intrusion detection software, take nightly backups so the lists can be restored, and regularly evaluate new cyber threats to ensure the security of the lists," it said.
"Voting systems are not connected to the internet, are tested at the federal, state and local level (before each election), are monitored throughout the process and in most jurisdictions are audited," it added. "The threat to actual votes is less because of these steps and the decentralised nature of the systems."
Undermine confidence in the results
Hackers could attempt to undermine the electoral process in the US by altering the process by which the results are communicated to the public.
In the early hours of November 8 and into the morning of the following day, 3,144 local authorities will be counting and reporting the votes cast in their area. Given the vast scale of the operation, it has become the task of dozens of journalists at the Associated Press to organise the information and relay it to the public.
Given that it also has the power to call the result ahead of time, a practice that is forbidden in the UK, tampering with the AP’s vote counting or communications systems could undermine the reporting process on the night and fuel fears that the election is “rigged”.
While such an attack wouldn’t affect the legitimacy of the vote in the long run, it could give Trump the ammunition needed to dispute the result if he doesn’t win the nomination for the President.
“AP’s system could be a critical point of failure on election night,” said Sean Sullivan, a researcher at F-Secure who demonstrated how hackers could tamper with the AP. “A threat actor couldn’t actually change the vote, but the results could definitely be undermined.
“A DDoS attack on the AP’s election night system could result in a delayed tally. And in the current political environment, delayed results will spread suspicions of voter fraud.”
A similar attack was waged during the Ukrainian Presidential election in 2014, when a hacking group associated with the Russian Government interfered with a system that displayed real-time updates of the vote count for 20 hours. In the same incident, the cyber criminals posted a picture on the Central Election Commission’s website declaring a winner 12 minutes before the polls closed.
“We should not underestimate the ability of hackers - especially those that enjoy state sponsorship - to disrupt the political process of a nation,” said Nikolay Koval, the head of Ukraine’s Computer Emergency Response Team in a report about the attacks.