Elections departments need to be alert to how common cyber attacks could be leveraged against them. Ransomware actors, for example, could try to pressure officials into paying extortion by encrypting sensitive voter registration information or unofficial results reporting, CISA warns on the toolkit webpage. Perpetrators might block officials from accessing the data or threaten to leak it. Ransomware actors also might time and target their attacks to prevent officials from accessing important systems when they need them — such as during candidate filing and voter registration deadlines.
Malicious actors often use phishing to download ransomware or other malware onto victims’ computers. Election officials cannot stay safe from such ploys by simply avoiding opening email attachments, however, because officials often need to open attachments to access absentee ballot applications and conduct other routine duties.
Another concern is distributed denial of service (DDoS) attacks, which try to slow down websites or disrupt access to them by overwhelming servers with requests. These attacks could be used against local and state websites and could prevent residents from viewing information about voting or seeing unofficial election results.
The toolkit directs officials to a variety of tools, including those for assessing personnel’s susceptibility to phishing attempts, analyzing whether links might be malicious, backing up systems and more.
