November 5, 2018 By David Bisson 2 min read

A new report revealed that nearly one-third of cyber incidents reported in Q3 2018 were classified as “destructive attacks,” putting election security at risk in the lead-up to the 2018 midterms.

In its “Quarterly Incident Response Threat Report” for November 2018, Carbon Black found that 32 percent of election-season cyberattacks were destructive in nature — that is, “attacks that are tailored to specific targets, cause system outages and destroy data in ways designed to paralyze an organization’s operations.” These attacks targeted a wide range of industries, most notably financial services (78 percent) and healthcare (59 percent).

In addition, the report revealed that roughly half of cyberattacks now leverage island hopping, a technique that threatens not noly the target company, but its customers and partners as well. Thirty percent of survey respondents reported seeing victims’ websites converted into watering holes.

Time to Panic About Election Security? Not So Fast

Despite these alarming statistics and the very real risks they signify, Cris Thomas (aka Space Rogue) of IBM X-Force Red told TechRepublic that since voting machines are not connected to the internet, a malicious actor would need physical access to compromise one. This could prove challenging for attackers, who must understand not only the vulnerabilities in each individual voting machine, but also each precinct’s policies.

Bad actors could theoretically stage an attack by obtaining an official voting machine before the election and gaining physical access to it on voting day, but these machines come with checks and balances that detect when votes are changed, decreasing the liklihood of a successful attack.

Attacks Are Growing Increasingly Evasive — and Expensive

Still, the rise in destructive attacks is particularly concerning given that, as reported by Carbon Black, attacks across the board are becoming more difficult to detect. In addition, 51 percent of cases involved counter-incident response techniques, and nearly three-quarters of participants specifically witnessed the destruction of logs during these incidents. Meanwhile, 41 percent observed attackers circumventing network-based protections.

These evasive tactics could prove costly for companies. According to Accenture, threat actors could set companies back as much as $2.4 million with a single malware incident, with cybercrime costing each organization an average of $11.7 million per year.

How to Defend Against Destructive Attacks

Security professionals can defend their organizations against destructive attacks by developing a dedicated framework to predict what steps an adversary might take once inside the network. Security teams should supplement this framework with AI tools that can use pattern recognition and behavior analysis to stay one step ahead of cyberthreats.

Sources: Carbon Black, Accenture, TechRepublic

More from

How to craft a comprehensive data cleanliness policy

3 min read - Practicing good data hygiene is critical for today’s businesses. With everything from operational efficiency to cybersecurity readiness relying on the integrity of stored data, having confidence in your organization’s data cleanliness policy is essential.But what does this involve, and how can you ensure your data cleanliness policy checks the right boxes? Luckily, there are practical steps you can follow to ensure data accuracy while mitigating the security and compliance risks that come with poor data hygiene.Understanding the 6 dimensions of…

2024 roundup: Top data breach stories and industry trends

3 min read - With 2025 on the horizon, it’s important to reflect on the developments and various setbacks that happened in cybersecurity this past year. While there have been many improvements in security technologies and growing awareness of emerging cybersecurity threats, 2024 was also a hard reminder that the ongoing fight against cyber criminals is far from over.We've summarized this past year's top five data breach stories and industry trends, with key takeaways from each that organizations should note going into the following…

Black Friday chaos: The return of Gozi malware

4 min read - On November 29th, 2024, Black Friday, shoppers flooded online stores to grab the best deals of the year. But while consumers were busy filling their carts, cyber criminals were also seizing the opportunity to exploit the shopping frenzy. Our system detected a significant surge in Gozi malware activity, targeting financial institutions across North America. The Black Friday connection Black Friday creates an ideal environment for cyber criminals to thrive. The combination of skyrocketing transaction volumes, a surge in online activity…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today