Safeguarding Democracy: How Cybersecurity can Prevent US Election Interference

Election interference is nothing new. But with the rise of cyberattacks, digital misinformation campaigns, and foreign interference online, the stakes for this year’s American presidential elections are higher than ever.

Fortunately, with the right cybersecurity measures and insights, America can still safeguard its digital democratic processes.

In this blog, we’ll explore the scope of digital election interference (hint—human error is the biggest threat), along with proactive cybersecurity steps to prevent it from happening on US election day on 5 November 2024.

Understanding election interference in a digital age

Why is election cybersecurity under threat in 2024? And what implications does this have for America? Let’s tackle 4 core insights to understand the scope of digital election interference.

1. Global elections are the biggest target for cyberwarfare

When it comes to cyberwarfare from “nation-state actors”, global elections are the biggest target in 2024. This means that any country wanting to compromise another nation will prioritize election interference.

And as the largest global economy, this marks the United States’ electoral process as a major cybercrime target, in particular for countries such as China, Russia, Iran, and North Korea.

In a document released by the US National Counterintelligence and Security Center, these threats from other countries include:

1. Cyber attacks against election infrastructure, such as voter registration and polling places.
2. Cyber attacks against political parties, campaigns, and officials, or to assist other agendas.
3. Influencer and misinformation campaigns to sway public thought, such as on social media.

2. CISA has identified 3 major cyber risks

Similarly, the US Cybersecurity and Infrastructure Security Agency (CISA) has outlined a list of challenges for this year’s elections, including

• Cyber attacks from other countries
• Ransomware gangs being used to take over election databases
• Misinformation campaigns to target election officials

CISA was formed after the 2016 US elections saw an attempt by Russia to interfere. Now, thanks to their efforts, election systems are “designated as critical infrastructure”, giving them a higher priority from the federal government.

3. The cyber attacks have already started

In February, AI-generated robocalls in New Hampshire were responsible for encouraging people not to vote in the state’s presidential primary elections. The robocalls sent messages such as, “It’s important to save your vote for the November election.”

And in April, in Georgia, a local authority’s election office suffered a cyber attack that forced it to disconnect from the state voter registration system as a precaution. This is believed to have been due to a ransomware attack.

4. Human error: The ultimate threat to voting systems

Even with the best cybersecurity systems in place, ultimately, human error can pose the biggest threat to the US elections. And with the wide network of election officials, volunteers, and campaigners, the opportunities for cybercriminals to exploit are rampant.

For example:

• An election official could fall victim to an infostealing campaign, exposing voter databases
• A volunteer might share information across an insecure network, where it’s easily stolen and exploited

Whatever technological measures are used, humans can always fall victim to ransomware gangs, infostealer malware, phishing attacks, and other social engineering tactics that can compromise voters and electors.

7 election interference case studies

Election interference is one of the biggest threats to US national security, and in a digital age, the risks are higher than ever—as evidenced in many countries and jurisdictions in recent years.

1. United States: After the 2020 presidential election which pitted Joe Biden against Donald Trump, it emerged that Iran had attempted to meddle with the results, using cyber techniques ranging from fake emails to compromised voter registration databases.
2. Taiwan: In January this year, cyber attacks doubled in the 24 hours before Taiwan’s election day. The biggest targets were government offices, policing and finance organizations, and were believed to be launched by players affiliated with China.
3. Poland: At the end of 2023, there was a surge of cyber attacks when a pro-Ukraine government was elected. This shows that cybersecurity risks can be especially high after election results have been announced.
4. Mexico: In 2018, just after a final television debate, a Mexican political party’s website suffered a cyber attack. And with violence already escalating ahead of Mexico’s 2024 elections in June, we can only assume that cyber risks are equally, if not more, prevalent.
5. Russia: Russian authorities report blocking 160,000 cyber attacks on their remote electronic voting system this year. Leaders stated that the attacks originated mainly from servers in the US and the UK.
6. United Kingdom: It’s recently emerged that last August, millions of voters’ data was leaked to China, including that of politicians who have spoken critically of Beijing in the past.
7. The European Union: Ahead of a major election in June, an internal review has suggested that the EU Parliament’s cybersecurity measures have “not yet met industry standards”, making them vulnerable to digital election interference.

These examples show that election interference is a global threat, and without the right cybersecurity measures, any polling place or organization can be a target.

How cybersecurity can safeguard election integrity

To tackle the rising threat of digital election interference, the US Homeland Security Department and other relevant bodies need to invest in strong cybersecurity defense measures.

1. A proactive approach is always best

We’ve all heard the “prevention is better than cure” rhetoric, and this couldn’t be more true when it comes to safeguarding the US election online.

A proactive approach is far better than a reactive one, as officials can stay one step ahead of cybercriminals and avoid a cyber attack before it happens. The Gartner EASM report outlines the importance of understanding vulnerabilities ahead of time, to avoid them becoming an issue later on.

And even if any electoral system is compromised, the cybersecurity measures will be able to quickly detect and contain the issue before it has a wider impact on the election results.

2. External attack surface management (EASM) is key

CybelAngel’s EASM 2024 report found that exposed databases have doubled since last year—and that human error alone can be the downfall of any system (in one instance, 3.8 billion records were compromised). Against this backdrop, EASM cybersecurity for the US elections is more important than ever.

But what is EASM? EASM stands for ‘external attack surface management’, and it involves monitoring public-facing digital assets for any vulnerabilities or misconfigurations that could be exploited.

Typical EASM security measures for the US elections could include:

• Asset discovery and monitoring: Checking all election-related assets for vulnerabilities
• Data breach prevention: Prevent leaks from voter registration databases
• Account takeover prevention: Stop election officials’ credentials from being stolen and sold
• Dark web monitoring: Follow cybercriminal conversations to anticipate potential cyber attacks
• Domain protection: Remove fraudulent or fake sites before they can do any damage to the US elections

3. Everyone needs to collaborate

All levels of government—including Congress, the Department of Justice, state election officials, and political parties—should proactively collaborate with cybersecurity experts and tech companies. Only by effective communication and collaboration can the threat to the US elections be managed as a whole.

4. Cyber threat education is a priority

With human error being one of the greatest cybersecurity threats, education should be a top priority—for election authorities and voters alike.

Everyone should be trained on the dangers of disinformation campaigns and foreign efforts to influence operations, along with the cyber risks attached to their personally identifiable information (PII) online.

When people understand how to evaluate information, spot risks, and protect their data, they can actively support the safeguarding of the US election process.

Conclusion

If we want to protect the integrity of the American electoral process, we need to proactively invest in cybersecurity measures—and in particular, safeguard against the risks of human error.

Ultimately, it’s a balancing act between using the right technology and being vigilant to human interference (intentional or otherwise) along the way.

Everyone should be committed to raising public awareness about federal election meddling, and government agencies, law enforcement, and tech leaders should collaborate to protect American democracy.

With these measures in place, the election results won’t reflect the digital interference of cybercriminals, disinformation campaigns, or foreign players.