WOODWORTH, La., Feb. 18, 2020 /PRNewswire/ -- After seeing a pattern of concerning data related to election security, Ingalls Information Security has prepared a threat model entitled, "How the 2020 Presidential Election Could Be Hacked." The model was presented in a whitepaper recently published in partnership with the National Association of Secretaries of State (NASS). The company reports on a threat model that could potentially be used by well-resourced organizations to disrupt the upcoming presidential election. Ingalls reports that these groups have the ability to target local- and state-level authorities with ransomware before and immediately following Election Day.
Ingalls Information Security is based in Alexandria, Louisiana and has provided cybersecurity consulting, testing and managed detection and incident response services since 2010.
"In 2019, we uncovered a pattern regarding election data that led us to develop the threat model that we outlined in the whitepaper," Jason Ingalls, Founder and CEO of Ingalls Information Security said. "We were called upon to help respond to a variety of different breach response scenarios that involved ransomware attacks against a significant number of commercial, nonprofit, and government organizations. In addition to our breach response work, our team also protects many organizations through proactive risk management, which gave us visibility into this pattern and threat."
The threat model, as outlined in the whitepaper, is specifically based on the capabilities of adversaries to gain access to credentials for cloud-based management consoles and remote access software. "We have seen countless cases in which victims believed they had adequate anti-virus protection, when in fact, the attackers were able to execute ransomware encryption software despite a popular antivirus being installed," Ingalls said.
Ingalls points out that the recommendations made to prevent this type of attack have all been presented as cybersecurity best practices for years. These include, but are not limited to next-generation anti-virus, multi-factor authentication, comprehensive monitoring and review, and incident response planning.
"We hope that by sharing this threat model whitepaper with the cybersecurity and IT managed services communities, as well as state and local election authorities, we can raise awareness about this situation," Ingalls said. "We believe this threat is entirely avoidable, but still very possible due to the current state of cybersecurity risk management controls employed by many managed services providers and local and state election authorities."
The whitepaper was recently published on the NASS website https://www.nass.org/sites/default/files/2020-01/white-paper-ingalls-nass-winter20.pdf.
SOURCE Ingalls Information Security