Cyber Threats to the US Elections

This image relates to cyber threats to the US elections.

As the US heads toward its presidential election in 2024, a cyber attack hangs over the voting process. As foreign and domestic actors try to interfere with electoral processes, cybersecurity is now a tricky area more than ever. A new wave of cyberattacks reveals how those threats are shifting: 

  • Information stolen from the California Secretary of State’s office by threat actor Vadimblyaa puts sensitive government data at risk. 
  • Hikkl-Chan’s hack of the Florida Department of State resulted in the loss of more than 17 million records. 
  • Open leaks of vulnerable infrastructure, such as the 61DB data leak in Carthage_Rocket, illustrate how national security is at stake. 
  • Data from finances and operations have also been leaked: from Tutankhamun’s hack of the USA Money Payout System to the release of CIA reports on joint cyber operations by newxl. 
  • And the most shocking rumor we’ve ever heard of on October 11th: the sale of more than 42,000 US presidential campaign files. This hack increases questions about the security of campaign messaging and voter trust. 

Such events and more in the election year 2024 illustrate how critical it is to be vigilant, countervailing, and educating citizens to maintain the integrity of elections. 

Overview of Cyber Threats to US Elections

The cybersecurity situation of US elections is now more complex, and all types of cyberattacks are extremely dangerous to electoral security. These are all threats ranging from advanced technical attacks on voting systems to mass disinformation campaigns to shape public opinion. Here is a breakdown of the top two types of cyber attacks on US elections and who they are coming from.

Types of Threats

Hacking Election Infrastructure (electronic voting machines, voter records): Direct hacking of election infrastructure is the most serious risk to the election process. Attacks could lead to miscounts, falsified voter registration, and lost or delayed voting. The most sophisticated attacks, such as ransomware and malware hacking, can even shut down the elections and lead to widespread devastation and dissuasion of voter confidence.

 

Disinformation Movements and Social Media Influence Disinformation is the most effective media force in determining the opinion of citizens and the voting preferences of voters. Cyber-criminals are using propaganda and fake news on social media to entrench political polarisation and undermine confidence in democracy. The campaigns can compound preexisting social unrest and create a climate of mistrust and cynicism long after the election is over.

 

Distributed Denial of Service (DDoS) Attacks: DDoS attacks are still one of the more significant issues in electoral processes as they are designed to overload online services with traffic and make them unavailable. Such an attack can disable voter registration, election information websites, and election results reporting. While new technologies offer better protection from DDoS attacks, the sheer number and rapid nature of these attacks still pose challenges to election authorities and cybersecurity personnel.

Key Actors

Threat Actors of Nation-states such as Russia, China, and Iran routinely hire advanced persistent threat (APT) teams to meddle in foreign elections. Such actors typically have sufficient capital and technical skills to run extended cyberattacks targeting key elements of election systems. Their purpose is usually destabilizing democracy, aligning themselves with geopolitics, and reducing international confidence in the US election process.

 

Independent Cybercriminals and Hacktivist Organizations Outside the state-sponsored operations, it’s independent cybercriminals and hacktivist organizations with ideological ambitions who can cause a major threat. These organizations might attack voting systems for economic gain – for example, by launching ransomware to pay government departments. Hacktivist organizations, however, could also be ideologically motivated and attempt to destabilize elections in order to declare a political opinion or advance a narrative. They are so inflexible and thus hard to fight, as their reasons and means evolve rapidly.

 

Historical Incidents and Lessons Learned

Election cybersecurity has seen a lot of innovation because of recent elections like 2016 and 2020. Such lessons have changed the US’ attitude toward election security, and led to new strategies and full-spectrum approaches to protecting the democratic process.

Notable Examples

2016 Election Incidents: It was during the 2016 election that we learned about the scope of election cybersecurity threats. Russian hackers probed election systems in every state in the US and penetrated voter registration databases in at least two of them. This organized and mass campaign revealed fundamental cracks in election infrastructure and the sophistication of international enemies. The attack showed how much more needed to be done to secure voter information and electoral integrity with better cybersecurity.

 

2020 Election Developments:

The 2020 election cycle presented even more sophisticated threats. For example:

 

  • Iranian hackers hacked into a state voter registry and used stolen information to launch voter intimidation campaigns, planting conflict and confusion.
  • The election also saw an escalation in internal disinformation campaigns and concerted social media manipulation to manipulate voters and lose trust along the way.

 

All these incidents showed that election security is not just about preventing physical and digital hacks, but also against the use of information to attack trust in democratic institutions.

Key Lessons Learned

Infrastructure Vulnerabilities: What has come from these election seasons is that voter registration records are prone to abuse. Like voting machines, these databases are always connected to the internet and thus ripe for cyberattacks. The election authorities have responded with new security measures and redundancies like:

 

  • Interstate voter registration check tools to flag a fake voter.
  • Voter rolls were printed on paper so voter data was available if the digital systems went down.
  • Voting continuity provisional balloting systems.
  • New audit features to verify votes and verify votes.

 

Supply Chain Security: In the case of the election software supply chain, the integrity of supply has been put on a stronger defensive posture after recent incidents have come to light. One case, for example, in New Hampshire showed that foreign developers used voter-registration software without any oversight. This realization prompted more rigorous verifications for election software providers and a rethinking of supply chain security to avoid unauthorized access and backdoors.

 

Disinformation Defense: The advent of disinformation campaigns recast election security to consider more than technical security but also public trust-building measures. Candidates have realized that protecting systems from attacks is not the only challenge – battling disinformation and retaining voters’ trust are as important. Malign elements can use even the smallest technical problems to propagate conspiracy theories and so enhance the feeling of general fraud and the lack of faith in the outcome of the election.

 

Current Measures in Place

As elections are becoming increasingly more cyber-threatening, the US has been proactively addressing its cybersecurity risk through federal and state cooperation. These are designed to safeguard election infrastructure, keep voting reliable, and ensure voter confidence.

Cybersecurity Efforts

Federal and State-Level Collaboration: A pillar of the election security measures in place today is a partnership between federal agencies and local election authorities. This coordination is central to the work of the Department of Homeland Security (DHS), in particular, its Cybersecurity and Infrastructure Security Agency (CISA). CISA is on hand to offer threat intelligence sharing, vulnerability assessment, and technical assistance to state and local election offices to enhance their cybersecurity defenses. This alliance makes sure that practices and resources are uniformly disbursed so that even smaller jurisdictions can access federal expertise.

Voting System Upgrades & Cybersecurity Frameworks Enhancement: Much has been done to update the election infrastructure. More and more states are upgrading to more secure, robust voting infrastructure incorporating the latest hardware and software components that can withstand attacks. That means having multi-factor authentication on voter database access, regular software patches and updates, and robust firewall controls. Detailed cybersecurity models were put in place, focusing on proactive monitoring and incident response. States have also imposed mandatory risk-limiting audits to ensure the correct vote counts and facilitate the electoral process.

Technological Innovations

Use of Blockchain: A technology for improving election security is Blockchain. With its distributed ledger, permanent recordkeeping is capable of storing votes for traceability and auditing. Although still very much in the pilot phase, blockchain would make vote fraud so much more challenging by offering an auditable and open record of every ballot cast.

Improved Audit Trails: Voting systems also now have audit trails, which are an indispensable safeguard against electoral meddling. And the use of paper ballot backups (which make electronic vote counts compareable to a paper ballot record) has become more widespread. This is an important move in terms of building trust since election administrators can perform post-election audits without fear. Those audits can rapidly pick up anomalies or inconsistencies and verify the election.

End-to-end Encryption: End-to-end encryption was standardized for election-related communication and data transfer protocols. As the technology encrypted data at the origin, and then kept it encrypted to the destination, the risk of interceptions and unauthorized access is decreased. This safeguards information — like voter registration information, ballot transmissions (when electronic voting is used), and messages among election officials — against outsiders through encryption.

Current Security Strategies

In response to the lessons, the current standard of election security measures is now:

 

  • Security checks and vulnerability analysis on a regular basis to prevent threats.
  • Added vendor responsibility to hold all election software to very high-security standards.
  • Better coordination between federal and state departments means a shorter response time and analysis of threats.
  • Rapid response services for both technical cyberattacks and disinformation.
  • Multiple redundancy mechanisms and backup mechanisms in case of interruption and continuity of voting.
  • Election security is still shaped by threats, and policymakers continue to tweak and learn from each election cycle. 

 

This continuous adaptation is necessary to ensure the security of future elections is protected against both old and new cyber threats.

 

Challenges and Emerging Threats

Even as U.S. elections have been won with a lot of success, the issues and new threats continue to mount, and we will always have to be vigilant and responsive. Here are some of the vulnerabilities and threats that election officials and cybersecurity specialists should be aware of as they strive to defend the integrity of the elections.

 

Persistent Vulnerabilities

Potential Exclusions in Lower-Election States: Elections remain a top hurdle because resources and expertise are unevenly distributed among election jurisdictions. Littler counties and cities do not have the resources and technical know-how to have a strong cybersecurity program in place. While big jurisdictions might be equipped with dedicated IT and cybersecurity personnel, smaller jurisdictions are dependent on outmoded technologies and fewer employees. Such loopholes are attractive to hackers, who see that these spots can be used as points of entry to hack a more general election infrastructure.

 

Humans: Phishing, Social Engineering, and Other Technologies: Security defenses are as robust only as the weakest link, and a lot of the time, that link is human. Email phishing and social engineering aren’t disappearing, either, as hackers leverage deception to trick election officials and employees into handing over sensitive information or accessing networks without authorization. Even with awareness training, advanced phishing attacks can copy legitimate messages and become hard to track and harder to hack. This loophole can cause hacks into voter lists, election systems, and emails, as well as compromise the voting process.

 

Future Concerns

AI-Driven Disinformation: With AI, a technology that has changed much about technology, comes new difficulties in terms of election security. Disinformation campaigns that use AI can now produce extremely persuasive, robotic content on a scale never before seen. Such campaigns can amplify distortions more effectively, stabilize target groups with specialized misinformation, and capitalize on social and political divides. AI makes it possible to multiply the amount of disinformation and quickly spread it, drowning fact-checkers and confusing the electorate.

 

Deepfake Technology: The deepfake — where machines learn and produce extremely realistic but false videos and sound — is also a threat to the voter’s experience. These fake media pieces can be used to pretend to be politicians, broadcast deception, or make events seem like they didn’t happen. It is a very real risk for the credibility of truth that deepfakes could cause for public confidence in candidates and institutions and for the authenticity of information. The challenge for election officials and citizens is to be able to distinguish truth from fiction, and the tech only makes that challenge more difficult as time goes on.

 

Security for U.S. elections involves continuous monitoring and proactively working against evolving cyber-attacks. We need to keep investing in cybersecurity, public education, and flexible policies if we’re going to maintain electoral integrity and trust. If democracy is to be protected, officials and citizens need to be educated, engaged and prepared to fight these enduring and nascent evils.

 

Sources

  1. https://cyberscoop.com/2024-us-election-disinformation-threats-post-election-warning/
  2. https://www.cfr.org/expert-brief/understanding-threats-us-election-security-2024
  3. https://www.nytimes.com/2024/11/04/us/politics/election-threats-russia.html
  4. https://timesofindia.indiatimes.com/world/us/us-elections-fbi-investigates-allegations-of-stolen-trump-campaign-documents-in-cyber-attack/articleshow/112480631.cms
  5. https://govciomedia.com/the-opportunities-and-challenges-of-securing-the-2024-election/
  6. https://www.theguardian.com/us-news/2024/nov/04/election-office-security-threats
  7. https://thecyberexpress.com/biggest-cyber-threat-to-election-security/
  8. https://www.politico.com/news/2024/09/01/us-election-software-national-security-threats-00176615
  9. https://www.npr.org/2024/11/04/nx-s1-5178083/national-guard-police-election-security 

 

More posts

This image is about monthly vulnerabilities for September 2024.
This image is about the ServiceNow data leak.
This image is about monthly vulnerabilities for July 2024.
This image is about cyber strategies for the Paris Olympics 2024.
This image is about Russian influence operations targeting the Paris Olympics 2024.
advanced divider

Share this article

Found it interesting? Don’t hesitate to share it to wow your friends or colleagues
advanced divider
Subscribe to our blog newsletter to follow the latest posts