Biden Inauguration: Defending Against Cyberthreats

Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Governance & Risk Management

Experts Warn of an Elevated Risk of Attack From Domestic, Foreign Actors

Biden Inauguration: Defending Against Cyberthreats
Photo: Virginia National Guard

As thousands of National Guard troops pour into Washington to provide security for the Jan. 20 inauguration of Joe Biden as president, cybersecurity analysts are calling attention to the need to defend against cyber incidents as well.

See Also: Roundtable Wrap: Cybersecurity Over Next 4 Years

“I expect there is some elevated risk of a cybersecurity attack, especially from those who want to demonstrate the country is in chaos and to undermine democracy,” says Phil Reitinger, a former director of the National Cyber Security Center who’s now president and CEO of the Global Cyber Alliance.

Security experts say potential risks could include attacks on critical infrastructure tied to the inauguration and threat actors using the event as a distraction that enables a major attack elsewhere in the U.S. The inaugural also could trigger the spread of disinformation.

Although cyberthreats could be posed by nation-states as well as domestic groups, the latter should be the primary concern in light of the Jan. 6 Capitol riot, says Adam Isles, former deputy chief of staff at the Department of Homeland Security. He’s now head of the cyber practice at the security advisory firm The Chertoff Group.

Boots on the Ground

An estimated 26,000 National Guard troops from across the country are being pulled into Washington to buttress the 10,000 law enforcement officers expected to be on duty that day, according to the Associated Press.

The Department of Homeland Security has designated Inauguration Day as a “national special security event,” which allows ramping up event security and incident management.

Security is also being bolstered at state Capitols and other government sites in light of threats, USA Today reports.

Potential Cyberattacks

Some security experts say a wide variety of cyberattacks could emerge in connection with the inauguration.

“National news outlets, government sites and the White House website all could potentially fall victim to DDoS, phishing or ransomware attacks,” says Ara Aslanian, CEO of the cybersecurity risk assessment firm Inverselogic, who’s overseen security at large events, including the Rose Bowl game.

More direct attacks against the event itself are also possible, with law enforcement tools such as security cameras and other monitoring devices being susceptible, he adds.

Just days before Donald Trump‘s inauguration in 2016, a Romanian citizen was arrested for taking over several CCTV cameras in Washington.

Frank Downs, a former U.S. National Security Agency offensive threat analyst, describes other potential cyberthreats. “A supervisory control and data acquisition – SCADA – or industrial control system – ICS – attack against any part of the DC municipal networks – such as the power network or the transportation grid – could create significant hurdles to the inauguration,” says Downs, who’s a director at the security firm BlueVoyant.

A nation-state actor might launch a cyberattack elsewhere in the U.S. while attention is focused on the inauguration, Isles adds.

Fraudster Activity

But Reitinger says fraudsters’ activities also should be a major cause for concern.

“As with other events, I’m more worried about cyber activity directed toward people, including greater efforts at disinformation and to phish people at their most vulnerable,” Reitinger says.

Even though this inaugural will have a much smaller crowd than previous swearing-in ceremonies, threat actors still may attempt to gather data from the mobile devices of those on hand, Downs says.

“A significant amount of metadata will be available for the taking from the emitters in the phones and other devices,” he says. Malicious actors could potentially use that information to build “pattern-of-life” dossiers that could then be used for other attacks.