As the November 5th U.S. presidential election approaches, the spotlight is firmly on cybersecurity. With geopolitical tensions high and adversarial cyber actors increasingly active, federal agencies and cybersecurity professionals face unprecedented challenges to secure the integrity of the election.
Evolving Threats in a Complex Cyber Landscape
The 2024 election season is witnessing a surge in malicious cyber activity, including phishing campaigns, disinformation and attacks targeting election infrastructure. According to Fortinet and CISA (Cybersecurity and Infrastructure Security Agency), both state-sponsored groups and financially motivated hackers are active. While phishing kits tailored to impersonate candidates are sold on the darknet, new domains mimicking campaign websites emerge daily, intending to steal data or spread false narratives.
Key Threats in Focus
Phishing and Malicious Domains
- Phishing scams targeting voters and donors are on the rise, with hackers impersonating candidates or campaign sites to collect personal information. Help Net Security reports the creation of over 1,000 new malicious domains, many hosted on reputable services such as AWS and Cloudflare to evade detection. These domains attempt to harvest sensitive data like Social Security numbers, voter details, and credit card information, which could facilitate disinformation campaigns and account takeovers.
State-Sponsored Influence Campaigns
- Russia, China and Iran continue to focus on influencing public opinion rather than directly interfering with voting machines. As CISA Director Jen Easterly notes, adversaries aim to undermine trust in the electoral process and sow partisan discord using AI-generated fake content, such as fabricated news and manipulated videos. These efforts aim to amplify existing divisions within U.S. society.
Ransomware Attacks on Government Infrastructure
- Threat actors are increasingly targeting state and local governments with ransomware. In 2024 alone, ransomware attacks on government entities surged by 28%, according to Fortinet. Disruptive attacks, especially those timed around Election Day, could delay vote tallying and create confusion, eroding public trust.
Fraud Schemes
- The FBI has issued an additional warning about election-related scams, including fraudulent donation solicitations and misleading messages suggesting voters are unregistered. Voters are urged to verify information through official channels like the Federal Election Commission or Vote.gov, and avoid clicking suspicious links.
Misinformation and Insider Threats
- Disinformation campaigns remain a significant challenge, with fake news and false claims about voting procedures and fraud circulating widely. Additionally, CISA warns of potential insider threats, with employees or contractors who have access to election systems posing a security risk.
Mitigating the Risks
The U.S. election infrastructure is more resilient than ever, with election officials employing best practices like endpoint detection, network segmentation and tabletop exercises. Albert intrusion detection systems monitor county networks for unusual activity, and over 97% of votes are now recorded with verifiable paper ballots.
However, maintaining voter confidence requires more than technical defenses. Proactive educational efforts about misinformation and phishing risks are essential to counter adversarial influence. Voters are encouraged to verify information through official election channels rather than relying on unverified sources.
Actions for Cybersecurity Professionals
Cybersecurity experts have a critical role in safeguarding the election process. They must monitor for ransomware attacks, identify and report phishing campaigns and collaborate with election officials to strengthen defenses. Continuous monitoring, threat intelligence sharing and response readiness will be paramount in protecting democracy.
In the final stretch toward Election Day, the focus must remain on securing not just the vote but the public’s trust. Whether by addressing disinformation or defending against ransomware, the work of cybersecurity professionals is key in ensuring a free and fair election.
Stay Vigilant
For those involved in election security, the priority is clear: defend against cyber threats to ensure that every vote counts and that public confidence in the election remains intact. For more details on cyber threats targeting the U.S. election, follow updates from CISA and leading cybersecurity firms monitoring the election landscape.
