FBI, CISA warn of disinformation campaigns about hacked voting systems

Threat actors may spread false claims about compromised voting systems in order to undermine confidence in the electoral process

Threat actors may spread false claims about compromised voting systems in order to undermine confidence in the electoral process

The United States’  Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint announcement aimed at raising awareness about threats posed by disinformation campaigns that may target voters during the 2020 election season.

“During the 2020 election season, foreign actors and cybercriminals are spreading false and inconsistent information through various online platforms in an attempt to manipulate public opinion, sow discord, discredit the electoral process, and undermine confidence in U.S. democratic institutions,” reads the public service announcement (PSA) issued by the agencies.

With just over a month to go before the November election, they went on to warn that threat actors could use these platforms to claim or insinuate that successful cyberattacks have been carried out against the election infrastructure, leading to the leaking or hacking of US voter registration data.

However, gaining access to voter data in the US doesn’t require hacking or breaching the election infrastructure; most of it can be either found using publicly available sources, or alternatively, the data could be purchased. The agencies admitted that threat actors have in recent years acquired voter registration data, but gave assurances that this did not have any adverse effect on the voting process or the integrity of the results.

“In addition, the FBI and CISA have no information suggesting any cyberattack on U.S. election infrastructure has prevented an election from occurring, compromised the accuracy of voter registration information, prevented a registered voter from casting a ballot, or compromised the integrity of any ballots cast,” reads the statement. Last week, the same two agencies rang the alarm bells over attempts by threat actors to spread disinformation around the results of the upcoming elections.

RELATED READING: Black Hat 2020: Fixing voting issues – boiling the ocean?

The new announcement also sets out a list of recommendations to help citizens and potential voters distinguish between truthful, verifiable information and disinformation attempts. The list includes advice such as verifying the source of the data and evaluating its trustworthiness, relying on state and local officials when searching for information, being skeptical about early and unverified information, as well as reporting any signs of election crimes. Voters are also advised to use the reporting features of various social media platforms if they come across suspicious posts aiming to spread disinformation.

Meanwhile, tech giants and social media platforms have been gearing up for the upcoming US presidential elections and the 2020 election for some time now. Facebook, for example, has laid out plans aimed at protecting the elections by combating inauthentic behavior as well as by launching the Facebook Protect feature for political figures. Microsoft, for its part, recently debuted a tool aimed at detecting deepfakes.

Sign up to receive an email update whenever a new article is published in our Ukraine Crisis – Digital Security Resource Center