Operatives in several countries reportedly are conducting cyberattacks to affect the outcome of next month's mid-term congressional elections in the United States.
Russian hackers are no longer the only concern, Andrea Little Limbago of the data-security company Endgame told CBS News. She warned that China, Iran, and possibly others also are attacking social media, voting machines and electoral systems.
The hackers are replicating Russia's use of social-media “bots” to disseminate news and other information designed to shape Americans' political opinions. The number of so-called “bot farms” is increasing, according to experts.
Bots can spread misleading or false messages to millions of people in a matter of minutes. “What's interesting is that as we see them growing, we're also starting to seeing some greater microtargeting,” Little Limbago said. “They're leveraging various kinds of algorithms that people are interested in, (and) target them very specifically (on social media).”
A cybersecurity expert with New World Hackers who creates bot farms that are sold on the dark web explained: “Twitter allows developer apps, and I could insert a code into my own allowing me to view passwords in plaintext. Most people never really pay attention to what they authorize on Twitter, and apps with bad security may have a hacker in the middle. This is also known as a man in the middle attack.”
Most authorities believe that hackers working for the Kremlin are still the biggest threat. “We've seen Russian interference really targeting European elections,” Little Limbago noted. “And in Turkey, Sweden, Italy, the Irish referendum — all of those have been under some sort of cyberattack or information warfare campaign.”
U.S. intelligence agencies have determined that Russians exploited social media to meddle with the U.S. presidential election in 2016. Not all of the messages were false. Hackers strategically disseminated some factual accounts to specified groups of voters, in an attempt to influence how they voted.
Russia allegedly employed similar tactics to tamper with the United Kingdom's Brexit election, in which Brits voted to withdraw their country from the European Union. The Democratic minority on the Senate Foreign Relations Committee reported earlier this year that Russia's Internet Research Agency helped the resolution pass by enlisting about 150,000 social-media bots to “undermine democracy and the rule of law in Europe.”
Microsoft announced in August that a group of hackers linked to Russia, known as Fancy Bear, was setting up fake internet domains to send phishing emails to U.S. voters. “This activity is most fundamentally focused on disrupting democracy,” company President Brad Smith wrote.
Google, Twitter, and Facebook officials have uncovered similar cases of foreign cyberattackers using their platforms to affect the mid-terms. Acting CIA Director Michael Morell declared that there is “no doubt that the Russians are behind the effort.”
Operatives in other countries have different motives than Russia. “China hacks the United States to steal” intellectual property, a security expert told CBS News. “Russia is engaged with mucking around with politics all over Europe and the U.S. China does hack elsewhere, but their goals in the U.S. today are mostly economic.”
For Iran, the primary objective is to weaken Israel. Reuters reported that Tehran officials have created a “sprawling network” of websites and social-media accounts to spread false and misleading information on Facebook, Twitter, Instagram and YouTube.
The meddling is not limited to foreign governments. “Sub-state level actors (are also) getting involved,” Little Limbago said. She accused “multinational corporations like Cambridge Analytica” of “a broad range of interference that goes beyond traditional marketing.”
“When you think about hacktivist groups, you think about a case in the Philippines ... where a hacktivist group first attacked an election commission website,” Little Limbago recalled. “From there, they vandalized the website but then released 55 million voter-registration records, including biometric data.”
Voting machines are vulnerable, as well. American cybersecurity groups have demonstrated the ease with which hackers can manipulate certain software to alter election results. Attacks on voter-registration procedures and other systems during the 2016 race succeeded in lowering voter turnout in selected areas.
“If ransomware hits, what's the backup plan to allow people to vote?” asked Theresa Payton, the Fortalise Solutions CEO who formerly served as chief information officer in the White House. “Do we extend it a day? Do we hold off the tally of the votes? Do we take absentee ballots? What do we do?”
The hacking threat extends far beyond elections. CBS News pointed out that the Homeland Security Department is also worried about “nuclear reactors, water-treatment facilities, manufacturing centers, emergency response services and a dozen other systems.”
Sergio Caltagirone, a former cyber-defense expert for the National Security Agency who now works for the cybersecurity company Dragos, cautioned: “It's the light you turn on. It's the water you drink. It's the toilets you flush. Industrial control is about people's lives, fundamentally.”