Discover more from Zero Day
AP Says It Experienced Unprecedented Cyber "Attacks" During 2020 Election
These included 10,000 daily phishing attempts and an average of 1.8 million web-based “attacks” per month.
The CEO of the Associated Press said his news service received unprecedented cyber “attacks” during last year's presidential election.
They “came in withering numbers,” were sophisticated, and came from around the world. He cited Pakistan, Taiwan and “most especially the Russian Federation” as sources of some of the activity.
Gary Pruitt, CEO of the Associated Press, was speaking at an election security workshop hosted by the University of Southern California.
In 2016, he said the malicious activity against AP was primarily DDoS attacks. But in 2020, he described them as more sophisticated attempts to “find backdoors in our platforms and systems.” AP, he said, was successful in fending them off.
He said that last year, AP averaged 10,000 phishing attempts daily. Of those, 10 percent contained malware. AP also averaged 1.8 million web-based “attacks” per month, or more than 50,000 per day. Most of the latter were automated and unsophisticated and were caught by AP’s automated detection systems. “But some are very sophisticated and challenging,” Pruitt said.
[Note: I’ve put “attacks” in quotes because security experts disagree on whether they consider phishing attempts, DDoS campaigns and automated web scanning “attacks'.”]
AP plays a critical role in election reporting and is therefore an obvious target for anyone who might want to create confusion on Election Night and disrupt the reporting of results.
The news service feeds content to more than 12,000 media outlet customers around the world and has played a critical role in elections for 175 years, tabulating presidential election results since 1848.
AP counts and compiles votes around the U.S., and is often the first to call the winner in races. In 2020, the news services counted the votes in more than 7,000 elections across the country, calling the winner in each of these races, Pruitt said. AP also conducts election polls and produces thousands of stories, photos and videos about elections.
Before the 2016 presidential election, Pruitt got a call from Homeland Security Secretary Jeh Johnson who told him that DHS considered AP the most important “single point of failure.” If AP were successfully hacked, Johnson told Pruitt, confidence in U.S. democracy would be shaken.
“The overwhelming majority of the world’s media was relying on AP for election results, and if those numbers were not forthcoming, people would wonder what’s wrong with the United States,” Pruitt said during the USC workshop. “If you go on Google and search [for election results], you see AP’s election results…. We’re their only source.”
AP does have contingency plans if it’s hacked. There are also plans if the internet goes down or there are blackouts on the electric grid or landlines stop working.
“They’re not pretty, but we have plans,” Pruitt said.
“If something goes wrong on election night, we feel prepared. But I do understand that I will receive a subpoena to testify before Congress, and under my name will be my title as the ‘former head of the Associated Press.’ So I understand the stakes are high.”