
Email Protection: Voter Registration Databases Hacked

Adrien Gendre

October 25, 2016


The US presidential election will soon be over. Email security and other cybersecurity issues have been making headlines throughout the race. As we near the actual election, there is evidence that multiple states have had their voter registration systems infiltrated.




The Incident.

The most recent attack occurred in Arizona. Once again, standard email protections failed to prevent malware from compromising a network. A Gila County employee fell for a phishing email and opened what appeared to be a standard Microsoft Word document—in fact the attachment contained malware. This email-borne malware allowed hackers to obtain the employee’s username and password to the voter registration database. With this access, the hackers could have created new voter profiles, deleted existing voter profiles, or inserted a virus into the database.


The breach was discovered by the FBI, who found the employee’s credentials (username and password) available for sale on the dark web. The FBI contacted Michele Reagan, Arizona’s Secretary of State, who immediately took the entire system offline. The source of the attack seemed to stem from Russia, although it is not confirmed. It is believed that their goal was to either alter data to disrupt voting, or test the email security of the system for future attacks. Luckily, after investigation, there is no evidence that any voter information was altered or deleted, or that a virus had been implanted into the system.

This happens all the time.

Unfortunately, this isn’t an isolated incident. Arizona state officials stated there were 192,000 intrusion attempts in September alone, and 11,000 posed a serious security threat. Arizona is not the only state facing problems like this; there have been multiple voter registration database breaches in the last few months.

The common thread through most of these security incidents? They involved a phishing or spear phishing attack. Email is the soft underbelly through which hackers break through network defenses.

91% of all network breaches involve a phishing attack.

What is happening now?

The Department of Homeland Security (DHS) is attempting to improve voting security by offering help to the various local agencies involved. DHS is providing vulnerability and risk assessments to polling places, in addition to distributing a guide on best practices for securing systems. They also recommend implementing multi-factor authentication systems with passwords that are regularly updated.

Our advice? Start by locking down the biggest vector of security threats: email. Enhanced email protection would avert or mitigate the majority of these attacks.

Some good news

In terms of election results, it is highly unlikely that the outcome of the election could be altered because of an attack. First, different states use different voting technology, systems, and vendors; therefore, a system-wide breach would be extremely difficult to conduct. Second, so far the attacks have only been on voter registration data, not on the systems that tally or count votes. Lastly, the actual systems that are used to cast votes are not connected to the internet. For these systems to be hacked, individuals would have to tamper with them in person.


What’s needed: specialized email protection

Preventing a data breach is hard. Email protection is not easy under any circumstance. However, when a sophisticated actor like a state-sponsored hacker is involved, the stakes get even higher. These types of hackers can develop or utilize zero-day malware or sophisticated spear phishing programs that will never be flagged by standard signature-based email protection or spotted by the average employee.

Vade Secure’s email protection can mitigate the risk of systems being compromised via email through a state-of-the-art layered email protection system. Vade Secure’s email protection is enhanced by artificial intelligence that can detect behavioral, stylistic, and technical issues within emails, URLs, and attachments. Plus, we include two external anti-virus scanners that enhance efficiency and provide an additional backstop for security.

Although your company may not be dealing with voter registration data, it does handle data that many hackers would love to get hold of. From critical intellectual property and customer lists to employee social security numbers, your corporate data is in great demand on the dark web. Without specialized email protection, your network is vulnerable.
