Page 177 - Cyber Defense eMagazine June 2024
P. 177

The  number  of  emails,  chatbot  conversations,  instant  messages  and  other  forms  of  communication
            expands  the  surface  area  for  hackers  to  corrupt  attachments  and  pose  as  reliable  individuals.  The
            aforementioned clone voice calls are a form of quishing, or voice phishing.

            Actions to prevent this include setting up online forms for gathering data and submitting applications
            instead of relying exclusively on email. Other initiatives, like the Elections Infrastructure Sharing and
            Analysis Center (EI-IASC), provide free detection tools for voting centers and city operators. The Election
            Assistance Commission also recommended these strategies for defending secure voting management
            systems:



               •  Employing air-gapping networks
               •  Using multifactor authentication
               •  Incorporating physical security measures
               •  Relying on independent software
               •  Enhancing voter privacy features
               •  Encouraging interoperability



            Social Engineering

            Social  manipulation  has  been  a  hacking  staple  for  decades  but  is  potent  during  election  season.
            Cybercriminal  outfits  bribe,  blackmail  or  persuade  election  officials,  candidates  and  voters  to  aid  in
            systemic attacks. These are surefire ways to obtain insider access and information under the radar —
            even across borders.
            Preventing  social  engineering  is  a  nuanced  effort  because  it  often  involves  mental,  emotional  and
            physical motivations unique to individuals with varying degrees of influence. Voting centers and state
            offices can mitigate social engineering potential by using strict hiring processes with thorough background
            checks, interviews and references to verify trustworthiness.



            Data Breaches

            Hackers work endlessly to uncover the many vulnerabilities and backdoors of legacy voting technologies.
            Websites and voting consoles need updates to withstand new hacking attempts to protect personally
            identifiable data. Washington, D.C., experienced the vitriol of 600,000 voters in 2023 after a hacking of
            the city’s web host.

            Myriad strategies could withstand breach attempts. Filling out workforces with white hat hackers and
            penetration testers will expediently identify oversights in critical voting infrastructure before cybercriminals
            make headway. The experts play the role of a threat actor, determining the most valuable opportunity for
            cybersecurity enhancements.






            Cyber Defense eMagazine – June 2024 Edition                                                                                                                                                                                                          177
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
   172   173   174   175   176   177   178   179   180   181   182