fbpx

Ziggy Ransomware Shuts Down, Refunds Money

In a stunning reversal, the Ziggy admin is now giving ransom money back to victims

Darth Vadar. The Grinch. The Ziggy Admin. What do they all have in common? Once known as infamous agents of villainy, they all experienced one heck of a character arc after seeing the light. What caused this change of heart? It’s difficult to say for sure. Vadar was turned back by the love of a son who chose to believe that there was still good inside of him, while Mr. Grinch was won over by the indomitable spirit of the Whoville residents when he grossly misjudged the source of their joy, causing his attempt to steal Christmas to fail miserably.

And the Ziggy admin? In early February, the cybercriminal operation announced that they were shutting down for good. They shared with Bleeping Computer that they had turned to crime because they lived in a developing country but that they were “very sad” about the crimes they had committed and had decided to release the encryption keys publicly for their victims. They also admitted that they were concerned about legal problems and the possibility of having the same fate as ransomware extortionists Emotet and Cyberwalker, who had recently been raided.

No other information was forthcoming, so it became a waiting game to see if Ziggy would make good on their promise. Many cyber-criminologists remained skeptical. Yet the Ziggy admin was true to their word—sort of. The next day they published the decryptor code, offering an SQL file with 922 decryption keys that victims could use to unlock their files, but they were loaded with malware. In addition to the keys, the admin also published a tool to make the process less complicated, along with the source code for a decryptor that does not need an internet connection to work.

They are not the first hackers to do a 180. Days before, the hacker group known as Fonix (aka Xonix and FonixCrypter) had also made a similar announcement, stating that guilt had finally caught up with them and releasing the decrypter codes would help to alleviate that. And in the past, other groups such as GandCrab, Shade, and TeslaCrypt have also made similar turnarounds.

What makes Ziggy different is that in mid March, they announced that they would be refunding their victims the money paid for the ransom. It was a move that shocked many. Within a week of the unprecedented announcement, they stated they were ready to begin making restitution.

The Ziggy admin told Bleeping Computer that they would begin refunding the ransom in Bitcoin at the rate it was valued on the day that the ransom was paid. Which means they are still making a tidy profit, given the fact that the price of Bitcoin has been ascending the last three months. On the day that Ziggy made the announcement, the price of Bitcoin was around $39,000. Five days later, it had jumped above $61,000.

The Ziggy admin insists though that they are not profiting, and have even had to put their house up for sale to pay for restitution. They also have stated that they are now going to start using their powers for good as “ransomware hunters.”

Maybe it’s not that surprising a move after all. Among cybercriminals, Ziggy was never considered a hardcore bad guy in comparison to others like the aforementioned Emotet, whose actions prompted a joint international strike force coordinated by the Eureopean Union to launch a crackdown that ended with seizing of computers and arrests. Or Egregor, who shut down Translink’s transportation system in Vancouver last year when ransom demands were not met.

Ziggy was more “old fashioned” in their crime sprees. They would encrypt files after hacking into a company’s records, but never actually steal them and threaten to sell them to the public if the ransom wasn’t paid.

So what do we make of all of this? Was it true repentance or a strategically-timed ploy to escape punishment? We can’t really know the heart of a person and this blogger will refrain from passing judgement. In the end, perhaps it’s enough that they’re going to refund the monies ransomed, and trying to be a force of good in the cyberworld.

All we can tell you is that an ounce of prevention is always better than a pound of cure. So if you have any lingering doubts about whether or not you’re protected against a ransomware attack, let us help with a free assessment today. Don’t hope to depend on the kindness of strangers!

If you’ve been the victim of a Ziggy ransomware attack, please reach out to the admin directly at [email protected] with proof of your payment in Bitcoin and computer ID. It’s estimated that you’ll see a refund to your Bitcoin wallet in roughly two weeks.

Image by Gerd Altmann from Pixabay

The Changing Face of Generative and Predictive Artificial Intelligence

(and how it’s shaping cybersecurity for decades to come)

First off, let’s define what we mean by AI (artificial intelligence), because the definition can be varied, depending on who you ask. For some, it’s Haley Joel Osmont’s character David laughing that creepy laugh during the dinner table scene in the Steven Spielberg film AI, or, if you’re of a certain age, it’s HAL 9000, the sentient computer who goes on a eerily calm murder spree in the cold vacuum of space in Stanley Kubrick’s 2001: A Space Odyssey.

(Personally, I am super nice to Alexa, in the hopes that when the machines do take over, she might put in a good word for me!)

But all kidding aside, what are we really talking about here? In the cybersecurity world, we’re looking at predictive AI, and most experts recognize that there have been three waves of development with this type of network protection:

  • Wave One: Human developers created guidelines for AI to follow. The first phase of AI could solve complex problems. If you’ve ever seen a chess match between a computer and a human being, this is a classic example of First Wave AI. The AI was supervised during the entire process, and gathered data to form a baseline with which other data would be compared. Then the AI would look for anomalies in any new, incoming data. The issue programmers ran into was that the information collected for the baseline quickly became outdated because hackers were evolving faster than the data could be updated. Which led to the creation of the next phase.
  • Wave Two: Supervised and unsupervised AI, also known as “machine-learning AI” were used to create guidelines by relying on methods such as classification, clustering, and regression, which are used to help with making predictions. Although it was considered superior to first wave AI, it still had some limitations. Second Wave AI doesn’t have the capacity to draw conclusions or make predictions based on its own reasoning. 
  • Wave Three: Unsupervised by humans, computers “self-supervise” and make decisions based on their own reasoning and analytics. Third Wave AI is able to draw new conclusions and increases its own learning capacity. It’s considered “context aware.” Operating systems using 3rd wave predictive AI can adapt to changing situations.

So, now that we know what predictive AI is, why is it important for cybersecurity? Before we answer that, it’s important to realize that you are most likely using predictive AI everyday without realizing it. If you’ve ever used Uber, Lyft, or DoorDash, their apps use predictive AI to determine what time you’ll arrive at your destination or when your food will arrive. Also, if you’ve ever fly on a commercial airline, the average flight only involves an average of seven minutes of human-steered flight time, typically during take offs and landings. The rest of the time? Autopilot, which—you guessed it—is a form of predictive AI.

In terms of AI used in cybersecurity, it’s often seen in things like anomaly detection, threat detection, and cybercrime prevention. One benefit is that Third Wave assesses each situation in real-time, as it’s unfolding. Typically, odds favor hackers, but with Third Wave, those odds are being evened.

Statistically, companies that were using Third Wave experienced far less issues with hacking issues like ransomware attacks during the Covid-19 shutdown. With millions of employees suddenly working from home with little to no training on how to avoid sophisticated phishing scams, cyber criminals jumped on the opportunity to exploit any weakness that resulted from workers using unsecured networks. And those who had Third Wave predictive AI were able to adapt more quickly than their counterparts.

Perhaps the most apparent example of this was the string of zero-day attacks that occurred at the end of 2020 on several government agencies, including the Department of Homeland Security and the National Institute of Health. Considered one of the boldest cyber crimes ever committed, many people wondered how this could have happened “on US soil.” That’s a discussion for another blog, but suffice to say that Third Wave predictive AI has the capability to respond much faster because it’s real-time threat detection, versus a rules-based evaluation of the events unfolding. It may not sound that impressive, but every second counts when someone is trying to steal sensitive data and make you pay a ransom for it.

And yet, many people don’t feel entirely comfortable with trusting AI to be responsible for their safety. We find ourselves back to a HAL 9000 conundrum. Tesla made headlines last year when several of its self-driving cars crashed, all within a short time frame of one another.

And there is also the growing concern that as AI evolves, many people will find themselves out of a job and obsolete. To be fair though, it’s already been proven that this concern is somewhat unfounded. Predictive AI has actually been shown to create jobs. A recent article by Forbes Magazine indicated that although AI will eliminate roughly 85 million jobs by 2025, it will create 97 million more.

The main concern for most people is the moral and ethical question on AI. The Campaign to Stop Killer Robots, chartered in 2013, lobbies governments to halt the development of drones and other AI-powered machines. Frank van Harmelen, an AI researcher based in Amsterdam stated, “Any computer system, AI or not, that automatically decides on matters of life and death — for example, by launching a missile — is a really scary idea.”

Van Harmelen may be thinking back to an incident in 1983 where former Soviet military officer Stanislawv Petrov averted a potential global nuclear war when he noticed that Russian computers had incorrectly sent out an alert that the United States had launched a preemptive nuclear missile strike.

And yet, the benefits of AI are hard to ignore. One of the main challenges of cybersecurity is staying ahead of hackers. Ransomware attacks have grown exponentially in the last few years alone, and their success rates are alarming. When federal governments and hospitals treating COVID-19 patients are targeted with no mercy, it makes the days when financial devastation being the greatest consequence of being hacked seem like child’s play. Right now, AI is the only way to assess threats in real time and shut them down before they inflict serious damage.

Many people are not comfortable becoming bedfellows with AI, and that’s something to continue to pay attention to as we continue in the 21st century. It’s not an either/or situation. While AI might work for some cybersecurity scenarios, obviously at least as much (if not more) consideration needs to be given in the areas for example, such as military AI or robo doctors.

It’s a trend we’ll keep you up to date on, and in the meantime, feel free to reach out to us with any questions or concerns you have when trying to assess just how safe you are from things like a ransomware attack. Buzz Cybersecurity provides free assessments and provides preventative care for all of your digital integrity needs.

Photo by FLY:D on Unsplash

What Is The Dark Web? Everything You Should Know

(The Good, the Bad, and the Ugly)

Many of us have been hearing about the Dark Web for some time now, but it’s usually in the vaguest terms: we don’t really understand what it is or have a firm grasp on how it might be impacting us. Much like the boogie man of our childhood, we understand it to be something bad but only on the most enigmatic level. In this blog, we’ll take a look at what the Dark Web is, it’s history, and the pros and cons of its existence.

In defining what the Dark Web is, we would be remiss if we didn’t take a moment to distinguish it from the Deep Web, with which it is often confused. Many news outlets fail to make a distinction between the two, but for the purpose of this article (and to be more factually accurate), according to Wikiedia, the deep web is “a reference to any site that cannot be accessed through a traditional search engine,” and the dark web is “a portion of the deep web that has been intentionally hidden and is inaccessible through standard browsers and methods.” Because the Dark Web is not indexed, it can only be accessed via certain networks, such as The Onion Router and The Invisible Internet Project. More on those in a minute.

The Dark Web has a muddied history. But it’s not at all new, and it may surprise you to know that it’s been around for decades. There were a string of articles that came out last year touting the 20th anniversary of the advent of the Dark Web, while other sources claim that a rudimentary form of the web’s underbelly, known as ARPANET, first originated in the 1960s as an anonymous online communications network. But if the Dark Web has been around for so long, why is it that many of us have only started hearing about it in the last few years?

The answer is not complicated. We’ve blogged before about the exponential rise of cybercrime, in the form of  ransomware, identity fraud, phishing scams. And with the rise in notoriety there has come an increased awareness of the places where cyberterrorism has been allowed to flourish unchecked.

The people that made the Dark Web possible actually started out with good intentions. In early 2000, Freenet was launched, and touted itself as a peer-to-peer, decentralised network, designed to make it less vulnerable to attack and snooping by authorities and states. To be fair, it was never squeaky clean, as it was immediately used to distribute pornography and pirated materials, but the amount of nefarious activity was a fraction of what takes place today. Back then, it was seen more as a way to share information.

In 2002, The Onion Router (also known as TOR) was created by scientists who received funding from the US Naval Research Laboratory with the hopes that it would facilitate safer communications with intelligence sources from around the world.

In 2004, the Naval Research Laboratory released the code for TOR to the public, and it quickly became the most popular means by which people accessed the Dark Web. It wasn’t long before people who had more sinister intentions found a way to subvert and take advantage of the fact that they couldn’t be tracked.

In 2010, users started taking advantage of another technological advancement: cryptocurrencies, including Bitcoin, and later on, Montero. The anonymous transfer of funds combined with the ability to do so on untraceable networks seemed like a marriage made in heaven for the sale of nearly every kind of illegal transaction possible. Only 4 years later, in 2014, a study by Gareth Owen from the University of Portsmouth found that the most commonly hosted type of content on TOR was child pornography, with the sale of illegal drugs being almost as popular.

Equally as disturbing is that the Dark Web was used by hackers and cyberterrorists connected to the Arab Spring to coordinate attacks on entire countries. And it’s only been escalating ever since. Last month, we blogged about a government-backed terrorist group in North Korea using social networks to infiltrate security teams at Google. And not to be outdone, hackers routinely market their services the highest bidder. Some have even been reported to track and extort money from pedophiles. It’s not called the Dark Web just because the exchanges happen in the shadows; there are pockets of the web that are so subversive that most people with a shred of morality can’t begin to imagine the goings-on.

However, proponents of the Dark Web state that the bad outweighs the good. Many people feel a sense of uneasiness about their every online movement being tracked. Data such as what sites they visit, what they purchase, and even their political affiliations are easily accessible. How many times have you been on Amazon looking for something, closed out of the app, and then suddenly found yourself looking at ads on Facebook for the very same product?

When the Constitution and The Bill of Rights were written, the concept of the World Wide Web may have been difficult for the Founding Fathers to conceptualize, but they were adamant about keeping the Government out of people’s private affairs so long as no one was infringing on another’s rights. They would have no doubt supported protecting citizens, especially those who are too young to defend themselves and are in need of rescue from sexual predators. But they would have also vehemently objected to a record of someone’s purchases or books borrowed from a public library being turned over to the governing authorities to be monitored and tracked.

For many people, it’s not a black-and-white issue. But it is one that will no doubt continue to be debated as we find ourselves utilizing online services more and more. With COVID-19, we saw entire industries go virtual practically overnight. So we predict that this won’t be the last time we will be blogging about the Dark Web. In the meantime, we’ll continue to keep you in the loop about all things related to your digital integrity. If you have any questions though about how to protect yourself from scammers, hackers, and cyberterrorists, reach out to Buzz Cybersecurity today for a free consultation!

Photo by Sebastiaan Stam from Pexels

Google Asking for Help from the Cyber-Community

Recently, Google announced that a North Korean government-backed hacking group known as the Lazarus Group has targeted members of the cyber-security community who specialize in vulnerability research. Google’s Threat Analysis Group (TAG) stated that the hacking group specializes in using social network groups to target security researchers and infect their operating systems with a customized backdoor malware. It’s believed that the cybercriminals hacked multiple profiles on platforms such as Twitter, LinkedIn, Telegram, Discord, Keybase, and some email to target the Google security team, which focuses on hunting down advanced persistent threat (APT) groups. The threat actors began with creating fake Twitter accounts to masquerade as security researchers, and then reached out on social media to legitimate security researchers.

“After establishing initial communications, the actors would ask the targeted researcher if they wanted to collaborate on vulnerability research together, and then provide the researcher with a Visual Studio Project,” said Adam Weidemann, a security researcher with Google TAG.

The Visual Studio Project however came already infected with malicious code that installed malware on the targeted researcher’s computer. The malware contacted a control server and waited for commands. Curiously, not every target received malware. Some simply were asked to visit a fake blog. This led some to speculate that the Lazarus Group was not working alone. The blog hosted malicious code, however, so the end result was still the same: the target’s computer was infected after visiting the site.

Of particular note was the fact that many of the researchers who were targeted and visited the site were running fully patched and up-to-date Windows 10 and Chrome browser versions and still got infected, according to Google TAG. Some believe that the cybercriminals used a combination of Windows 10 and Chrome zero-day vulnerabilities. For those that don’t know, the term zero-day vulnerability refers to an area that needs to be patched but has not yet been discovered by researchers and software developers. In most cases, the hackers discover them first.

To add to the confusion, threat actors authored several online articles and videos that analyzed these vulnerabilities to give them credibility and gain the trust of the researchers they were targeting. One of the targets got wise and called out the threat actors’ video as a fake. Not to be outdone, the threat actors began creating Twitter sock puppet account to refute these claims.

The Google TAG Team is asking anyone who believes they were also targeted to come forward so more information can be amassed about the identity of the attackers, as well as take steps to make sure they haven’t been infected. They’re also advising security researchers to review their browsing histories to check if they’ve interacted with any of the fake profiles or visited the infected blogsite. Google has published a site of all the known profiles here. The infected blogsite is under the domain name (DO NOT CLICK) blog.br0vvnn.io.

The reason behind this attack is of particular interest as well. If successful (and at the time of this blog going to print, there’s still much that is not known about how widespread and how damaging the attacks have been), it could allow North Korea to steal exploits for vulnerabilities discovered by the researchers who have been infected. These vulnerabilities could be deployed by the threat actors in future attacks with little to no cost involved where development is concerned.

Since the attack, which is believed to have been rolled out as early as January 25th, several security researchers have discussed being targeted, but none have actually admitted to having had their systems compromised, so at this time, it’s still early days in terms of figuring out how far-reaching the damage actually is.

For anyone concerned that they have been targeted by the hackers, the Google Tag Team advised:

“If you are concerned that you are being targeted, we recommend that you compartmentalize your research activities using separate physical or virtual machines for general web browsing, interacting with others in the research community, accepting files from third parties and your own security research,”

If you have questions about what preventative steps you can take to protect your business or other assets from a cyber attack, don’t hesitate to reach out to us. At Buzz Cybersecurity, we offer a variety of services including Free Lunch & Learns, Cloud Solutions, Managed IT Services, Infrastructure as Service, Support Consulting, Ransomware Protection, and more.

Every business is different, and we would love to talk with you about tailoring a plan that fits the size of your company, as well as fits your budget. Contact us today for your free assessment!

Image by Sammy-Williams from Pixabay

7 Ways to Protect Your Assets During the Holiday Season

As we close out what has been a difficult year for many, there’s a temptation to slack off being aware of the cyber risks out there, but the holiday season statistically sees an increase in cyberattacks, and experts are predicting that this year will be particularly bad. This year with COVID-19 restrictions hindering in-person activities, online purchases are expected to have a record-setting year. Cybercriminals are anticipating this, and will ramp up their efforts to take advantage of both unaware shoppers and unprotected businesses, looking to exploit sensitive information and data for the purpose of hacking. In this article, we take a look at how to stay one step ahead of the bad guys. We’ve done the research so you can actually enjoy your holidays with loved ones, rather than having to be on guard duty 24/7.

  1. Be Careful With Holiday-Themed Emails. Retailers go out of their way to send out emails touting sales and special deals, and they all look really shiny! And by all means, take advantage of those savings, but understand that phishing emails will also look festive. Pay particular attention to an email if you don’t recognize the sender, or it’s rife with spelling errors. That might be a clue that someone overseas is trying to get you to give your credit card information, or open an email with a virus attached to it.
  2. Slow Down. We’ve all clicked on a deal, only to see a pop up telling us that the special price is only available for a limited time—sometimes only minutes! Personally, I click right out of these because retailers often use this tactic to pressure you into making a bad decision that will result in buyer’s remorse, but hackers also use it to get you to throw caution to the wind, enter your credit card information, and click the buy button before you’ve really checked out the site. It’s OK to slow down and take a minute to make sure you trust the retailer on the other end.
  3. Beware of Phone Phishing Scams. I don’t know about you, but during the month of December, I am working to meet deadlines faster so I can have more time to bake cookies, attend parties, and savor the moments of peace and joy that are unique to this time of year. And all the while, I’m juggling phone calls and emails from clients. Normally, I don’t answer the phone if I don’t recognize a number, but I’ve occasionally broken my own rule, and there is usually someone on the other end trying to sell me something. They’re typically harmless telemarketers, but one time in particular I remember the person on the other end had an air of urgency and needed to verify me before he would even explain what the call was about. And when I say verify, he needed me to confirm my mother’s maiden name and the last 4 numbers of my social security number! When I refused, he tried to intimidate me with vague consequences that made me laugh out loud and hang up. Stay vigilant—this time of year scammers are counting on you juggling ten things at once and hoping you’ll have a momentary lapse in judgment.
  4. If You Must Work While Mobile, Be Extra Aware of The Risks. Many people wind up working during the holidays from hotels, airports, and anyplace that has free WiFi. But there are additional risks that come with working on-the-go, so be sure that you’re not using an unsecured network. Hackers will sit in coffee houses and lie in wait for unsuspecting victims who are tired, working against a deadline, and figure that using the free WiFi this one time won’t hurt. Trust us, it’s not worth it. A moment in lapsed judgment can wind up costing you thousands of dollars, and damage your professional reputation when you have to explain to clients how their information got leaked.
  5. Pay Attention to Your Server Activity. Server mining happens with more frequency during periods of shutdown, like holidays, when schools, businesses, and others are not using the majority of their server capacity. You’ll want to keep an eye on the activity level, and if it seems off to you, make sure to look into it right away. Buzz Cybersecurity offers Managed IT Services that can help with this.
  6. Keep You Updates Updated! The excitement of getting to see family, coupled with fast-approaching deadlines means that during the holidays, many companies and employees are more likely to put off patching until the beginning of the year, and hackers will look to take advantage of this. Updates and restarts are often seen as a frustrating barrier to getting out the door and often get overlooked, but take the time to audit. You know what they say about an ounce of prevention.
  7. Keep the Faith. As we celebrate the holidays, we want to encourage you to keep your faith in things above, and not in too-good-to-be-true sales and specials that make grandiose promises. If you get a nagging feeling that something isn’t right, don’t ignore that. At Buzz Cybersecurity, we like to think that we all have a built-in sense of discernment that helps to protect us when others would seek to harm us in some way. We encourage you to pay attention to that.

We hope you and your loved ones enjoy the happiest of holidays and stay safe. And if you want to have us run a diagnostic on how you’re doing with protecting your assets, contact us so we can help you to have peace of mind this holiday season.

Special Election Blog: Cybersecurity and the 2020 Elections

How real is the threat of election results being hacked?

As we’ve posted here on the Buzz Blog previously, cybersecurity is an ever-growing concern, especially since so many things have shifted to a remote setting since the COVID-19 pandemic hit earlier this year. And let’s be honest, it was an issue before your banker was servicing your account while the dog begs for a treat and her toddlers play on the carpet in the other room. The question though that is on the minds of many people is just how real the threat is in the context of the elections coming up. It’s impossible to accurately predict this with 100% certainty, but we’d like to take a look at some of the very real and valid concerns that people have.

To begin with, many people have questions about election security itself. How safe are the databases that store voters’ sensitive information? In 2016 it was confirmed by CBS News that the state election databases in Arizona and Illinois had been hacked. If that weren’t bad enough, at the Black Hat convention earlier that year, it was proven that voter smart cards could be used to vote multiple times. And when not all states are using a paper ballot verification system, this is concerning.

But how exactly does a voting machine get hacked? To start with, there are two types of voting machines: paper and electronic. And the problem with many electronic machines is that they are over a decade old. These machines were designed in a time when cyberattacks, while by no means unheard of, at the very least were less rampant. And the software, issued by companies like Microsoft, isn’t being updated. And because most voting machines don’t have firewalls to prevent unauthorized remote access, it’s not hard for an attacker in close proximity to target an attack with the intent of taking over the device.

We’ll talk about what can be done in light of these concerning revelations, but first, we’d be remiss if we didn’t take this opportunity to point out that cybercriminals also look to exploit the interest people take in the elections by flooding every available channel with malicious spam. Clickbait stories go out every day in emails with the hopes that people will unknowingly open and forward them, spreading malware. We’ve heard from people who had a check in their gut, but opened a suspicious email anyway and now regret it. The best advice we can give you here is that if something doesn’t feel right—pay attention to that. It’s better to double-check the source of a suspicious email and be safe.

Cybersecurity’s role in helping limit the risk of exposure

Most experts agree that election officials need to take a more revolutionized approach to prevent hacking and prevent being left behind as other industries move towards modernization and digitizing outdated infrastructure. A recent article by Security Magazine identifies 9 major election infrastructure components that are necessary in order for any election to be deemed secure, accurate, fair, and accessible:

  • Voter registration and database systems
  • Electronic poll book/onsite voter registration systems
  • Vote capture devices
  • Vote tally systems
  • Election night reporting systems
  • State and other county systems that process election data
  • Traditional and social media communication applications used for situational reporting
  • Vendor election equipment/service architectures

They also recommend that elections jurisdictions bring in a cybersecurity and advisory consulting team to assess whether there are any weaknesses in any of the above areas. Cybersecurity experts can more readily identify these areas because they are trained to know what patterns to look for. Doing so will reinforce the local elections jurisdictions to be able to pinpoint important security issues and target them for quick remediation, better understand how prepared they are to respond quickly to a security event, and be able to evaluate the strategic priority of using certain methods to reduce methods and frequency of attack.

The Bottom Line

Circling back to our original question: Can the elections be hacked? The answer is yes. There are definitely enough weak links in the system countrywide. And although a cyberattack is preventable, with the election being days away, it’s unlikely that steps will be taken between November 3rd at 7pm and the time that this blog goes to print.

If a prototype of an election cybersecurity program could be implemented, it should include precepts that would empower an election jurisdiction to pinpoint, isolate, and update any obsolete OSes on election business systems, as well as routinely conduct elections cyber-maturity assessments. Some experts advocate only using paper ballots.

The most important thing right now is to keep asking probing questions and continue to advocate for updated protocols and systematic approaches that will streamline the process and make attacks harder to succeed. While we have no doubt that these very attacks will continue to get more sophisticated and more frequent, we remain optimistic that continued vigilance and education will reduce the chances that elections will continue to be hacked.

Photo by Element5 Digital on Unsplash