FBI: Disinformation attacks on election results 'likely'

There's a new disinformation threat to watch out for during the 2020 U.S. elections, and this time it involves the results themselves.

The FBI and Cybersecurity and Infrastructure Security Agency (CISA) released a joint public service announcement Tuesday night warning that foreign threat actors and cybercriminals are "likely" to spread disinformation regarding election results.

Specifically, threat actors would do this by creating new websites, changing existing ones and creating or sharing "corresponding social media content to spread false information in an attempt to discredit the electoral process and undermine confidence in U.S. democratic institutions," the announcement read.

The announcement touched on how election officials require days to weeks to certify election results and ensure that all legally cast votes are counted.

"The increased use of mail-in ballots due to COVID-19 protocols could leave officials with incomplete results on election night. Foreign actors and cybercriminals could exploit the time required to certify and announce elections' results by disseminating disinformation that includes reports of voter suppression, cyberattacks targeting election infrastructure, voter or ballot fraud, and other problems intended to convince the public of the elections' illegitimacy," the FBI said in the announcement.

CISA director Chris Krebs tweeted about the announcement and encouraged the public to be patient so that election results can be accurately tallied.

Good guidance here. Top takeaway: election officials are pros and getting the vote count right takes time. That’s how it’s always been. A little bit of patience goes a long way. #TrustedInfo2020 #Protect2020 https://t.co/PFuMaVzfBh

— Chris Krebs (@CISAKrebs) September 22, 2020

Even if foreign threat actors or cybercriminals were able to change an election-related website (perhaps to falsely say a presidential candidate won), "the underlying data and internal systems would remain uncompromised," the announcement said.

The FBI and CISA offered multiple recommendations for the American public to follow, including the following steps:

• Seek out information from trustworthy sources (like state and local election officials);
• Use multiple sources to verify reports regarding problems in the election process before posting about it on social media; and
• Report potential election crimes to the FBI.

Multiple FBI field offices have public posted advisories about election security and "foreign influence" operations in recent weeks, with Washington, D.C.; El Paso, Texas; and Charlotte among them. The El Paso FBI alert noted that "Foreign adversaries, including Russia and China, and foreign-aligned groups try to illegally influence American political processes" and may use common approaches like disinformation campaigns and cyber attacks on political campaigns and election infrastructure.

Election security has been a much-discussed topic this election cycle, with a great deal of focus around not only disinformation campaigns, but also mail-in ballots. While law enforcement agencies have already identified threat activity such as spreading election disinformation on social media, it's unclear whether adversaries have actually spoofed or hijacked websites to further their causes.

CISA has not responded to SearchSecurity's request for comment.