The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) declares in a public service announcement that cyber activity has been registered to try to compromise the infrastructure of the election. The attempt is unlikely to affect the voting result or cause any major disruption in the system.
The two institutions assessed the risks associated with the attempts over time, but neither of them has seen evidence of malicious interference having any significant impact.
The Situation Explained
In the PSA issued, the two institutions explain that the election officials have a variety of technological, physical, and procedural controls at their disposal, to mitigate the likelihood of malicious cyber activities (such as phishing, ransomware, denial of service, or domain spoofing) that may affect the integrity of the election infrastructure.
Some methods mentioned are failsafe measures, such as provisional ballots and backup pollbooks, and safeguards that protect against voting malfunctions (e.g. logic and accuracy testing, chain of custody procedures, paper ballots, and post-election audits).
Given the extensive safeguards in place and distributed nature of election infrastructure, the FBI and CISA continue to assess that attempts to manipulate votes at scale would be difficult to conduct undetected.
BleepingComputer cites that physical access to the devices, access to the Election Management System (EMS), or the capability to conduct supply chain attacks to change the files before to the operating system images being loaded onto ImageCastX devices are all requirements for exploiting these weaknesses.
Cyberattack Attempts Blocked