DarkOwl: Dark Web Focused on Election Security Vulnerabilities

Specific machines are cited with ways to exploit potential vulnerabilities.

Edward Gately, Senior News Editor

October 27, 2020

3 Min Read
Election Security

New DarkOwl research shows election security vulnerabilities are a hot topic on the dark web. It’s especially concerning that there are specific instructions on exploitation.

These vulnerabilities include exposed voter registration data and ballot tallying technologies. The dark web also highlights malicious ways they can be manipulated to affect results and undermine election credibility.

DarkOwl works with MSSP partners such as CyberDefenses. It works with state governments to secure information networks to prevent any disruption or intrusion.

Darknet Discussion

Mark Turnage is DarkOwl‘s CEO.


DarkOwl’s Mark Turnage

“Much of the most recent election security vulnerabilities on the dark net is right-wing extremist groups discussing voter fraud of mail-in ballots,” he said. “Discussions are centered around disseminating open source news articles about potential fraud across the U.S, many of which are authored by right-leaning news outlets such as The Daily Stormer. Much of the chatter is anecdotal, accusing the machines themselves of facilitating fraud or hiding an insidious insider working the election with intent to have a particular candidate elected.”

Others are more specific, Turnage said. Actual machines are called out, with details on how to exploit vulnerabilities and the likelihood their systems are not up to date. For example, a user discusses the DS850 ballot counting machine and how to exploit via a fake USB firmware update.

“Data posted across the dark net from U.S. election systems primarily consists of voter registration data … ” he said. “This information is considered open source and publicly available. While election officials have openly stated this presents no potential threat to the integrity of the election with this data being available – for example, the databases do not invalidate provisional ballots, etc. – some dark net forum threads have actually included the voter registration data, alongside compromised state driver’s licenses’ databases and Experian’s database breach, which would connect the necessary PII to the voter registration data to potentially interfere with individuals’ vote; for example, suppression or individual voter fraud.”

Here are nine ways cybercriminals are trying to steal your vote.

More Eyes on This Election

DarkOwl also observed significant activity around the 2018 midterms, Turnage said.

“The 2020 general election is significant as events throughout the year – for example, pandemic, economic collapse, etc. – has more eyes on the future of the U.S. and its democracy than ever before,” he said. “People are also confined to their homes and online more than in previous elections, which could explain the increased activity.”

The DarkOwl dark web research shows no hidden financiers of those eager to exploit election security vulnerabilities, Turnage said.

QAnon and other right-leaning extremist groups are ideologically invested in proving widespread voter fraud is occurring,” he said. “Nation-sponsored threat actors are not as vocal on the dark net about their intentions.”

DarkOwl and CyberDefenses provide the following recommendations to state election officials:

  • Small-volume software and firmware updates for each of the machines to minimize network exposure.

  • Proactive personnel training on how to detect potentially malicious USB firmware updates physically mailed to their facilities. In addition, they need to spot network redundancy in the case of any DDoS attack on the state-level offices.

CyberDefenses also is helping election officials around the country shore up their systems, Turnage said.

CyberDefenses believes the bigger threat will come on the day of and days immediately after the election. Widespread disinformation circulation is most likely on social media and malicious proxy propaganda media sources.

Read more about:

MSPsChannel Research

About the Author(s)

Edward Gately

Senior News Editor, Channel Futures

As news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like