Skip to the main content.
Under Attack? Login
Under Attack? Login
Managed Extended Detection & Response
Layered cybersecurity controls for effective risk management and rapid response.

24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management

Book MXDR Demo

Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
vCISO
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.

CONTACT US

Resources

Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.

SIGN UP

Company

Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

1 min read

Flaws Expose Local, State Authorities In Coming Election

Picture of Jason Ingalls Jason Ingalls Jan 29, 2020 5:30:00 PM

Cybersecurity Controls

In 2019, Ingalls was called upon to help respond to a variety of different breach response scenarios that involved ransomware attacks against a significant number of commercial, non-profit, and government organizations. In addition to our breach response work, our team also protects many organizations through proactive risk management.

New call-to-action

Late last year, we saw a pattern and some concerning data that led us to develop a threat model that we’ve recently submitted to the National Association of Secretaries of State (NASS).

We believe this threat model could potentially be used by well-resourced organizations to disrupt the upcoming presidential election. These groups have the ability to target local- and state-level authorities with ransomware before and immediately following Election Day. We’ve included the original Threat Intelligence whitepaper below, but you can also download it from the NASS website here.

It is important to note that this model is based on capabilities that we know our adversaries possess, specifically the ability to gain access to credentials for cloud-based management consoles and remote access software. We have seen countless cases in which victims believed they had adequate anti-virus protection, when in fact, the attackers were able to execute ransomware encryption software despite a popular antivirus being installed. 

Finally, we would also like to point out that the recommendations we make to prevent this type of attack have all been presented as cybersecurity best practices for years. Next-generation anti-virus, multi-factor authentication, and other technologies are readily available and should be deployed for more reasons than the threat model we share.

We hope that by sharing this threat model with the cybersecurity and IT Managed Services communities as well as state and local election authorities, we can raise awareness about this situation. We believe this threat is entirely avoidable, but still very possible due to the current state of cybersecurity risk management controls employed by many MSPs and local and state election authorities.

Contact Ingalls Information Security to schedule an assessment and training session, and to discuss our incident response readiness program.
Subscribe to Network Security News