The US Govt. hopes to avoid interference in the upcoming November presidential election by means of a large reward.
Concern exists about foreign interference in the 2020 election, so a reward of up to $10 million will be offered for anyone providing information, that could lead to tracking down potential cyber-criminals aiming to influence the November vote.
Diplomatic Security Service
The US Department of State’s Rewards for Justice (RFJ) program, overseen by the Diplomatic Security Service, will pay for info that can identify or locate someone working with or for a foreign government “for the purpose of interfering with US elections through certain illegal cyber activities,” says a release posted on the department’s website.
The reward covers anyone seeking to interfere with an election at the federal, state, or local level by violating or even aiding the violation of a US law against computer fraud & abuse, outlined the department.
Computer Intrusions
“The Computer Fraud & Abuse Act, 18 U.S.C. § 1030, criminalises unauthorised computer intrusions, & other forms of fraud related to computers,” outlined the release. “Among other offenses, the statute prohibits unauthorised accessing of computers to obtain information & transmit it to unauthorised recipients.”
The department is encouraging anyone with information on foreign interference in US elections to contact them via their website or contact a US Regional Security Officer at the nearest US embassy or consulate.
Phishing
Recent research by Google identified 2 separate phishing campaigns targeting staffers of both President Trump & Democratic candidate Joe Biden from persistent threat (APT) groups. Google reported a China-linked APT group targeted Biden’s campaign staff, while an Iran-linked APT targeted Trump’s.
The pandemic has created fresh concerns in the upcoming election. Election security has been a major topic at this year’s Black Hat USA 2020, which is being held this week for the first time virtually, due to the pandemic.
Voting Village
The conference opened with Voting Village security celeb Matt Blaze calling for cyber-security experts during his keynote to use their passion for election security to help secure the upcoming US presidential elections. This includes taking on the many challenges the government faces to scale up mail-in voting with less than 100 days left before the election, he commented.
“This community is precisely the one whose help is going to be needed by your local election officials,” Blaze explained. “The logistical aspects of this are familiar to computing specialists,” he explained, while urging virtual Black Hat attendees to “engage now.”
State of Emergency
With the “operational environment being under uncertainty & in a state of emergency…our expertise in this community is central to many of the problems that we have here,” Blaze observed.
To help secure in-person electronic voting, voting machine-maker Election Systems & Software (ES&S) formally announced a vulnerability disclosure policy Wed. during a Black Hat session. The move indicated that voting-machine vendors also are starting to take the role of the security research community seriously in helping to secure critical election infrastructure.
Digital Assets
ES&S said that its formally released policy applies to all digital assets owned & operated by ES&S – including corporate IT networks & public-facing websites.
Christopher Krebs, Director of the Department of Homeland Security’s CISA Unit, also was expected to speak on election security yesterday at a session at Black Hat called “Election Security: Securing America’s Elections” to discuss the risks for the 2020 presidential election & how the US Govt. hopes to mitigate them.
