|
[1]
https://www.cisa.gov/sites/default/files/publications/PSA_CyberThreats_Final-508.pdf
[2]
https://us-cert.cisa.gov/ncas/alerts/aa20-283a
Read both carefully. |
CISA - PSA - CYBER THREATS:
Cyber Threats to Voting Processes Could Slow But Not Prevent Voting
23September2020The FBI and CISA are issuing this PSA as a part of a series on threats to the 2020 election to enable the American public to be prepared, patient, and participating voters.
https://web.archive.org/web/20200928073119/https://www.cisa.gov/sites/default/files/publications/PSA_CyberThreats_Final-508.pdf
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are issuing this announcement to inform the public that attempts by cyber actors to compromise election infrastructurecould slow but not prevent voting. The FBI and CISAhave not identified any threats, to date,capable of preventing Americans from voting or changing vote talliesfor the 2020 Elections. Any attempts tracked by FBI and CISA have remained localized and were blocked, minimal, or easily mitigated.The FBI and CISA have noreportingto suggest cyberactivity has prevented a registered voter from casting a ballot, compromised the integrity of any ballots cast, or affected the accuracy of voter registration information. However, even if actors did achieve such an impact, the public should be aware that election officials have multiple safeguards and plans in place—such as provisional ballots to ensure registered voters can cast ballots,paper backups, and backup pollbooks—to limit the impact and recover from a cyberincident with minimal disruption to voting.The FBI and CISA continue to assess that attempts to manipulate votes at scale would be difficult to conductundetected.
US CERT CISA - NCAS ALERTS:
Alert (AA20-283A)
APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations
Original release date: October 09, 2020 | Last revised: October 12, 2020
https://archive.fo/6Ldsk
Note: the analysis in this joint cybersecurity advisory is ongoing, and the information provided should not be considered comprehensive. The Cybersecurity and Infrastructure Security Agency (CISA) will update this advisory as new information is available.
This joint cybersecurity advisory was written by CISA with contributions from the Federal Bureau of Investigation (FBI).
CISA has recently observed advanced persistent threat (APT) actors exploiting multiple legacy vulnerabilities in combination with a newer privilege escalation vulnerability—CVE-2020-1472—in Windows Netlogon. The commonly used tactic, known as vulnerability chaining, exploits multiple vulnerabilities in the course of a single intrusion to compromise a network or application.
This recent malicious activity has often, but not exclusively, been directed at federal and state, local, tribal, and territorial (SLTT) government networks. Although it does not appear these targets are being selected because of their proximity to elections information, there may be some risk to elections information housed on government networks.
CISA is aware of some instances where this activity resulted in unauthorized access to elections support systems; however, CISA has no evidence to date that integrity of elections data has been compromised. There are steps that election officials, their supporting SLTT IT staff, and vendors can take to help defend against this malicious cyber activity.
Click here for a PDF version of this report.
https://us-cert.cisa.gov/sites/default/files/publications/AA20-283A-APT_Actors_Chaining_Vulnerabilities.pdf
SCREENSHOT: https://postimg.cc/KRrtjj4s |