Safeguarding Elections from Cyberthreats
Governments and the public must be aware of the potential for cyber threats to surge preceding national elections. Craig Watt, threat intelligence consultant at Quorum Cyber, shares actionable strategies to secure democracy from malicious influences.
Strengthening cybersecurity for elections is paramount this year, as the 2024 calendar year is host to numerous high-profile elections. The integrity of the democratic voting process will almost certainly be tested as nation-state-level cyber threat actors will likely aid sponsoring governments in achieving their global objectives.
With geopolitical conflicts increasingly playing out in cyberspace, it has always been challenging for nation-states to influence the political climate while avoiding direct attribution. Exerting influence on elections can alter the decision processes of both the public and high-level officials to align with the interests of foreign powers while simultaneously attacking the democratic foundation of rival nations.
This influence can occur via the implementation of a suite of cyberwarfare tactics, including destructive cyber-attacks, Information Operations (IO), and disinformation campaigns resulting in numerous potential real-world scenarios including, but not limited to, influencing the international population, creating social division and undermining the democratic institutions of rival nations.
The Growing Influence of Technology on the Voting Process
As technological advances are incorporated into the voting process, elections have become more digitally driven than at any other time in history. The voting infrastructure includes internet voting systems, registration databases, and national election networks, which are now critical components of election systems.
With approximately half of the world’s population due to be involved in national elections throughout 2024, a high level of vigilance will be required across all industry sectors to counter the threat of misinformation, disinformation, and malinformation. Vigilance is required due to the interconnectivity of the technologies and platforms that nation-state-level cyber threat actors will likely leverage as they seek to expand attack surfaces to interfere with and disrupt the electoral process.
The elections scheduled for 2024 are the first to take place following recent significant enhancements in artificial intelligence (AI). Therefore, nation-states will likely leverage this technology to influence voting behavior in favor of state interests. Priority cyber targeting throughout the election periods will probably involve the government sector, election-related networks, national and local political parties, and the personal devices of election officials. However, as with all cyberwarfare engagements, a spillover into private sector businesses is likely.
Mitigating AI-Driven Cyber Threats
With AI capabilities growing at an unprecedented rate, this technology will likely be leveraged by malicious cyber operators, at both the nation-state and cybercriminal level, to compromise the security and integrity of election infrastructure. Cyber threat actors have numerous generative AI tools at their disposal, ranging from deep fake videos and voice cloning to AI-generated SMS messages that can be compiled to implement a variety of cyber-attack vectors. These include scaled social engineering and phishing campaigns and enhanced distributed denial-of-service (DDoS) attacks to manipulate voters and disrupt the operation of election-themed websites.
Generative AI is an attractive option for politically driven and nation-state-sponsored threat actors due to scalability, reduced cost, speed of implementation, and the ability to deploy advanced malware payloads against electoral systems that can evade defensive measures.
Targets of AI-driven cyber-attacks involving the elections could include:
- Electoral Process: Manipulative AI methods could be leveraged to spread false information surrounding voting procedures.
- Election Officials: AI tools could collect sensitive data, resulting in potential doxing attacks against election officials, including party candidates.
- Election Offices: AI-driven spear phishing operations could be launched against election staff to gain access to sensitive election data.
- Election Vendors: AI capabilities could be leveraged to influence the trust level of the public surrounding election vendors.
Safeguards and Mitigation Strategies
We must be aware of the potential for cyber threats to increase during high-profile elections. Additional vigilance is necessary so governments and other agencies can implement the proper safeguards and mitigation strategies. Most of the optimal mitigation measures involve industry-standard cybersecurity best practices. Therefore, it is vital for both governments and private sector businesses to understand these strategies to protect their accounts and devices. Doing so will defend against possible attacks on both businesses and democracy.
A pivotal mitigation for election-based cyber threats is increased monitoring of network systems via an effective and monitored endpoint detection and response (EDR) solution to detect malicious intrusions. Governments and their partners need to take a proactive approach to sharing threat intelligence. Conducting attack emulation scenarios that imitate election-oriented disruptions is critical.
Additionally, government-level entities should understand how vulnerable technology intersects with their election processes. They should conduct comprehensive threat and risk assessments. Finally, implementing robust defensive measures is essential to combat foreign espionage and reduce the risk of disruption.
Specific Measures to Counter AI Threats
Specific measures may be required to defend against AI-driven threats, but they’ll vary by attack vector. To protect against AI-based phishing and social engineering operations, it will be critical for government bodies and businesses to:
- Apply robust authentication protocols, such as multi-factor authentication (MFA).
- Use email authentication protocols, such as Domain-based Message Authentication, Reporting and Conformance (DMARC).
- Limit social media attack surfaces by applying strong privacy policies and removing personally identifiable information (PII) from profiles.
- Transition to zero trust security principles to prevent unauthorized users from accessing sensitive data and services.
Personal social media accounts should be made private to reduce the risk of impersonation. This privacy setting limits access to images by nefarious cyber actors. Old profiles that are no longer in use should be deactivated or deleted. Sensitive data can be protected by validating requests for information sent through secondary channels. Likewise, identity verification should be used for real-time communications. Adopting passphrases and educating employees are additional methods for diminishing the threat of impersonation and harassment during election periods.
Actions to Prevent Disinformation
Combating malicious influence operations and disinformation campaigns will require additional security measures, including:
- Building rapport with local media entities and community officials to ensure the flow of accurate information.
- Utilizing authentication techniques, including watermarks, to establish the veracity of published content.
- Training employees regarding standard operating procedures for responding to media manipulation.
- Ensuring stakeholders know how to report possible instances of misinformation or tampering.
Holistic Cybersecurity Measures
Governments and businesses around the world need to adequately prepare themselves. Federal agencies will likely increase their offensive efforts against threats from aggressive nation-state actors. These efforts could influence the global population. With the world stage set for many high-profile elections in 2024, a comprehensive approach to cybersecurity threats is essential.