As the US heads toward its presidential election in 2024, a cyber attack hangs over the voting process. As foreign and domestic actors try to interfere with electoral processes, cybersecurity is now a tricky area more than ever. A new wave of cyberattacks reveals how those threats are shifting:
Such events and more in the election year 2024 illustrate how critical it is to be vigilant, countervailing, and educating citizens to maintain the integrity of elections.
The cybersecurity situation of US elections is now more complex, and all types of cyberattacks are extremely dangerous to electoral security. These are all threats ranging from advanced technical attacks on voting systems to mass disinformation campaigns to shape public opinion. Here is a breakdown of the top two types of cyber attacks on US elections and who they are coming from.
Hacking Election Infrastructure (electronic voting machines, voter records): Direct hacking of election infrastructure is the most serious risk to the election process. Attacks could lead to miscounts, falsified voter registration, and lost or delayed voting. The most sophisticated attacks, such as ransomware and malware hacking, can even shut down the elections and lead to widespread devastation and dissuasion of voter confidence.
Disinformation Movements and Social Media Influence Disinformation is the most effective media force in determining the opinion of citizens and the voting preferences of voters. Cyber-criminals are using propaganda and fake news on social media to entrench political polarisation and undermine confidence in democracy. The campaigns can compound preexisting social unrest and create a climate of mistrust and cynicism long after the election is over.
Distributed Denial of Service (DDoS) Attacks: DDoS attacks are still one of the more significant issues in electoral processes as they are designed to overload online services with traffic and make them unavailable. Such an attack can disable voter registration, election information websites, and election results reporting. While new technologies offer better protection from DDoS attacks, the sheer number and rapid nature of these attacks still pose challenges to election authorities and cybersecurity personnel.
Threat Actors of Nation-states such as Russia, China, and Iran routinely hire advanced persistent threat (APT) teams to meddle in foreign elections. Such actors typically have sufficient capital and technical skills to run extended cyberattacks targeting key elements of election systems. Their purpose is usually destabilizing democracy, aligning themselves with geopolitics, and reducing international confidence in the US election process.
Independent Cybercriminals and Hacktivist Organizations Outside the state-sponsored operations, it’s independent cybercriminals and hacktivist organizations with ideological ambitions who can cause a major threat. These organizations might attack voting systems for economic gain – for example, by launching ransomware to pay government departments. Hacktivist organizations, however, could also be ideologically motivated and attempt to destabilize elections in order to declare a political opinion or advance a narrative. They are so inflexible and thus hard to fight, as their reasons and means evolve rapidly.
Election cybersecurity has seen a lot of innovation because of recent elections like 2016 and 2020. Such lessons have changed the US’ attitude toward election security, and led to new strategies and full-spectrum approaches to protecting the democratic process.
2016 Election Incidents: It was during the 2016 election that we learned about the scope of election cybersecurity threats. Russian hackers probed election systems in every state in the US and penetrated voter registration databases in at least two of them. This organized and mass campaign revealed fundamental cracks in election infrastructure and the sophistication of international enemies. The attack showed how much more needed to be done to secure voter information and electoral integrity with better cybersecurity.
2020 Election Developments:
The 2020 election cycle presented even more sophisticated threats. For example:
All these incidents showed that election security is not just about preventing physical and digital hacks, but also against the use of information to attack trust in democratic institutions.
Infrastructure Vulnerabilities: What has come from these election seasons is that voter registration records are prone to abuse. Like voting machines, these databases are always connected to the internet and thus ripe for cyberattacks. The election authorities have responded with new security measures and redundancies like:
Supply Chain Security: In the case of the election software supply chain, the integrity of supply has been put on a stronger defensive posture after recent incidents have come to light. One case, for example, in New Hampshire showed that foreign developers used voter-registration software without any oversight. This realization prompted more rigorous verifications for election software providers and a rethinking of supply chain security to avoid unauthorized access and backdoors.
Disinformation Defense: The advent of disinformation campaigns recast election security to consider more than technical security but also public trust-building measures. Candidates have realized that protecting systems from attacks is not the only challenge – battling disinformation and retaining voters’ trust are as important. Malign elements can use even the smallest technical problems to propagate conspiracy theories and so enhance the feeling of general fraud and the lack of faith in the outcome of the election.
As elections are becoming increasingly more cyber-threatening, the US has been proactively addressing its cybersecurity risk through federal and state cooperation. These are designed to safeguard election infrastructure, keep voting reliable, and ensure voter confidence.
Federal and State-Level Collaboration: A pillar of the election security measures in place today is a partnership between federal agencies and local election authorities. This coordination is central to the work of the Department of Homeland Security (DHS), in particular, its Cybersecurity and Infrastructure Security Agency (CISA). CISA is on hand to offer threat intelligence sharing, vulnerability assessment, and technical assistance to state and local election offices to enhance their cybersecurity defenses. This alliance makes sure that practices and resources are uniformly disbursed so that even smaller jurisdictions can access federal expertise.
Voting System Upgrades & Cybersecurity Frameworks Enhancement: Much has been done to update the election infrastructure. More and more states are upgrading to more secure, robust voting infrastructure incorporating the latest hardware and software components that can withstand attacks. That means having multi-factor authentication on voter database access, regular software patches and updates, and robust firewall controls. Detailed cybersecurity models were put in place, focusing on proactive monitoring and incident response. States have also imposed mandatory risk-limiting audits to ensure the correct vote counts and facilitate the electoral process.
Use of Blockchain: A technology for improving election security is Blockchain. With its distributed ledger, permanent recordkeeping is capable of storing votes for traceability and auditing. Although still very much in the pilot phase, blockchain would make vote fraud so much more challenging by offering an auditable and open record of every ballot cast.
Improved Audit Trails: Voting systems also now have audit trails, which are an indispensable safeguard against electoral meddling. And the use of paper ballot backups (which make electronic vote counts compareable to a paper ballot record) has become more widespread. This is an important move in terms of building trust since election administrators can perform post-election audits without fear. Those audits can rapidly pick up anomalies or inconsistencies and verify the election.
End-to-end Encryption: End-to-end encryption was standardized for election-related communication and data transfer protocols. As the technology encrypted data at the origin, and then kept it encrypted to the destination, the risk of interceptions and unauthorized access is decreased. This safeguards information — like voter registration information, ballot transmissions (when electronic voting is used), and messages among election officials — against outsiders through encryption.
In response to the lessons, the current standard of election security measures is now:
This continuous adaptation is necessary to ensure the security of future elections is protected against both old and new cyber threats.
Even as U.S. elections have been won with a lot of success, the issues and new threats continue to mount, and we will always have to be vigilant and responsive. Here are some of the vulnerabilities and threats that election officials and cybersecurity specialists should be aware of as they strive to defend the integrity of the elections.
Potential Exclusions in Lower-Election States: Elections remain a top hurdle because resources and expertise are unevenly distributed among election jurisdictions. Littler counties and cities do not have the resources and technical know-how to have a strong cybersecurity program in place. While big jurisdictions might be equipped with dedicated IT and cybersecurity personnel, smaller jurisdictions are dependent on outmoded technologies and fewer employees. Such loopholes are attractive to hackers, who see that these spots can be used as points of entry to hack a more general election infrastructure.
Humans: Phishing, Social Engineering, and Other Technologies: Security defenses are as robust only as the weakest link, and a lot of the time, that link is human. Email phishing and social engineering aren’t disappearing, either, as hackers leverage deception to trick election officials and employees into handing over sensitive information or accessing networks without authorization. Even with awareness training, advanced phishing attacks can copy legitimate messages and become hard to track and harder to hack. This loophole can cause hacks into voter lists, election systems, and emails, as well as compromise the voting process.
AI-Driven Disinformation: With AI, a technology that has changed much about technology, comes new difficulties in terms of election security. Disinformation campaigns that use AI can now produce extremely persuasive, robotic content on a scale never before seen. Such campaigns can amplify distortions more effectively, stabilize target groups with specialized misinformation, and capitalize on social and political divides. AI makes it possible to multiply the amount of disinformation and quickly spread it, drowning fact-checkers and confusing the electorate.
Deepfake Technology: The deepfake — where machines learn and produce extremely realistic but false videos and sound — is also a threat to the voter’s experience. These fake media pieces can be used to pretend to be politicians, broadcast deception, or make events seem like they didn’t happen. It is a very real risk for the credibility of truth that deepfakes could cause for public confidence in candidates and institutions and for the authenticity of information. The challenge for election officials and citizens is to be able to distinguish truth from fiction, and the tech only makes that challenge more difficult as time goes on.
Security for U.S. elections involves continuous monitoring and proactively working against evolving cyber-attacks. We need to keep investing in cybersecurity, public education, and flexible policies if we’re going to maintain electoral integrity and trust. If democracy is to be protected, officials and citizens need to be educated, engaged and prepared to fight these enduring and nascent evils.