Can Hackers Influence the Outcome of the 2016 Elections?

Who says they already haven’t?

Something’s just not right. Hundreds of thousands of voters have turned up to vote only to find that their names were not on the registration lists or that their party affiliation had been changed without their permission. Polls are continually being proven to be inaccurate. Besides, the Director of National Intelligence, James Clapper, just announced that foreign hackers have already attempted to hack the presidential campaigns and he expects to see more attacks as the country gets closer to the election.

 The first indication that the political cyber battle may be going beyond the use of political bots, troll bots, and spamming came when Bernie Sanders was forced to admit that some of his overly enthusiastic supporters had ‘accidentally’ accessed Hillary Clinton’s voter database. Although both candidates have access to the voter databases maintained by the Democratic National Committee (DNC), how each candidate analyzes and uses the data is unique. Knowing one candidate’s strategy would give the other candidate a decided advantage in targeting certain voters or voter demographics.

 Sanders’ supporters weren’t going to take such allegations lying down. They repeatedly commented on social media on how the Clinton campaign had rigged the outcome in a number of primaries. In fact, when Clinton recently tweeted,

[Image: Hillary election tweet]

 it produced an outraged avalanche of angry tweets from Sanders’ supporters, such as,

[Image: Hillary anti tweet 1]

[Image: Hillary anti tweet 2]

with one tweet even giving a complete list of grievances.

[Image: Hillary anti tweet 3]

 But are such attacks justified? Possibly. Certainly, some irregularities have not been adequately explained, like the voters left off registration lists in New York and Arizona. But can this be the basis for allegations that someone has hacked into the election process?

It’s hard to say. There are a number of ways a hacker could try to influence results. They could try to alter the software in the machines by hacking the software makers or by getting someone within the company to work with them. They could enter the software company’s network through an endpoint phishing attack or by other devious means. Once inside the network, they could move laterally through it and escalate their privileges to gain access to important code, which they could then alter to produce whatever election results they desired. With the correct malware, all of this could be done remotely. I wouldn’t think this would be an easy attack vector, and it may even require zero-day exploits, but foreign adversaries have used such techniques to breach important government networks before, so these kinds of attacks cannot be ruled out entirely, especially in light of Clapper’s recent warning.

 But there are other, equally troubling hacking angles that need to be explored. How many of you know that your voter registration information is for sale online? And it’s not by hackers or criminal groups. Your state government sells this information to anyone who wants it and it sells it for a good profit. Let’s look at California, for example. You can choose to purchase a complete list of registered voters including their voting history or you can focus on specific districts. Here is a list of information you can receive on voters as seen in the actual form from a California website,

[Image: voter reg 1]

Nationwide, the type of information about you that anyone can get varies with the state. Here is a summary of voter registration information across the U.S.

[Image: voter reg 2]

The last time I saw so much individual information for sale was on the deep web.

But it gets worse. Last December, it was disclosed that the voter database for every registered voter in the U.S. had appeared on an orphaned IP address. That’s right. Anyone who wanted to access it or download it could do so for free. No one wanted to admit ownership of the site and it stayed up and accessible for a couple of weeks before it was taken down. It now appears that the campaign-assistance site, NationBuilder, may have assigned the database to the wrong IP address.

 Does it matter? It could. Spammers are always looking for new email addresses, hackers could use the information for a spear phishing attack on individuals connected to specific companies, and other criminals could try to use some of the information for identity theft. Besides, personal information on high-profile targets could likely be found here.

 In an election that promises to be close and contentious, every advantage must be exploited. You can expect the usual harassment attacks designed to embarrass the candidates. The hacking group, Anonymous, has already declared war on Donald Trump and has attempted, so far not very successfully, to launch DDoS attacks against his sites. Others will, no doubt, attempt to infiltrate campaign and social media web sites to post false information in an effort to embarrass a candidate. These may discredit a candidate for a short time but should do no permanent damage. The exception would be if hackers got control of incriminating documents and posted them. In this regard, Hillary Clinton would have the most to fear, since her career has left her more exposed to such attacks.

The 2012 election was replete with attacks by foreign governments on both campaigns. Romney was supposedly attacked by Chinese hackers. Clapper’s warning seems to indicate this could happen again. The Chinese would most likely try to disrupt Trump’s chances for the presidency since he has been more outspoken in his criticism of them. The Russians, on the other hand, are more likely to try to disrupt the Clinton campaign. If either of them has any election-changing information, don’t expect to see it until the end of the campaign. It would most likely appear as what is called an ‘October Surprise’.

The ultimate attack would be one which allowed the attackers to influence voter tallies. The best way to do this would be to focus on key districts in key states in which the results are already predicted to be close. A zero-day exploit which could compromise local networks and alter results in favor of a particular candidate cannot be ruled out. Such an exploit would be designed not to be obvious and would alter the results only within the range of probability. Once the desired results were achieved, a kill switch would be initiated which would remove every trace of the malware from the network. The results should be surprising but not overly so.

 So, yes, the election can be and probably will be influenced by a variety of cyber attacks. That’s really not even a question anymore. At this stage, the only question is how much these attacks will influence the final outcome and we may not know the answer to this question until long after the election has been decided.
