As the United States gears up for the 2024 election, the significance of cybersecurity for state and local governments cannot be overstated. In an era where digital threats are increasingly sophisticated, robust cybersecurity measures are essential to protect both the critical election infrastructure and the integrity of elections itself.
But how do the people responsible for securing and administering elections feel about their cybersecurity posture as we enter 2024? To help the find answer to this question, Arctic Wolf commissioned the Center for Digital Government to survey over 130 state and local government leaders in the United States, including those responsible for IT and cybersecurity systems, about their attitudes and beliefs on the cybersecurity issues related to the upcoming election.
Underprepared and Under-Resourced for 2024
State and local IT and cybersecurity teams often operate with limited staff, stretched thin by the myriad responsibilities that come with their day-to-day responsibilities that are only compounded by the additional responsibilities of election years.
These personnel constraints make it challenging for cybersecurity teams to allocate sufficient time and expertise to election-focused cybersecurity measures, and as the survey shows, more than half of respondents reported they are not at all prepared or somewhat prepared to detect and recover from election-targeted cyber incidents.
Adding to the feelings of unprepardeness is that election official and administrators are expecting a significant uptick in the volume of attacks compared to what they saw in 2020, with almost half (47.1%) expecting an increase, while less than 3% (2.9%) believe they will see a decrease.
Another key contributor to the feeling of a lack of preparedness is related to funding as more than a third (36%) of respondents claim that their cybersecurity budget is inadequate to address their cybersecurity concerns that they expect to face during the 2024 election cycle.
Fear of Threats Supercharged by Artificial Intelligence (AI)
When it comes to the types of attack election officials are concerned most about, there is a wide range of options they are keeping them up at night, but the top two are especially interesting given the rise in concern over AI-powered threats over the past year as the efficacy of both disinformation campaigns and phishing attacks are potentially supercharged using generative AI tools.
For disinformation campaigns, AI algorithms can now be trained to analyze vast amounts of data, identify trends, and mimic human behavior on social media platforms. By deploying AI-driven bots or deepfake technologies, malicious actors can flood online spaces with misleading narratives, fabricated stories, and manipulated media. These AI-generated falsehoods can target specific demographics, exploit pre-existing biases, and amplify divisive issues, thereby influencing public opinion and potentially swaying election outcomes.
While misinformation tactics like deepfakes, are still a relatively new phenomenon, phishing has long been a favorite tool for cybercriminals, and the proliferation of AI has elevated its sophistication to new heights. AI-powered phishing attacks can now craft hyper-personalized and convincing messages tailored to exploit the psychological vulnerabilities of individuals. By analyzing vast datasets, threat actors can glean insights into a person’s political affiliations, preferences, and even recent online activities, allowing them to create deceptive messages that appear trustworthy, with the goal of deceiving individuals into disclosing sensitive information.
Enemies: Foreign and Domestic
Historically, the primary focus of many electoral cybersecurity concerns has been on the interference orchestrated by foreign nation-states. These entities, equipped with advanced cyber capabilities, may aim to compromise election infrastructure, manipulate public perception, sow discord, and influence political outcomes. The sophistication of these external threats has always demanded heightened vigilance and even international cooperation to safeguard the democratic process. And while, foreign interference from China and Russia remains a significant concern for election officials in the United States, fears of attacks coming from the United States itself are now top of mind for many with almost 20% of respondents selecting it as the source they are most concerned about, behind only China.
With the two-party electoral system of the United States, extreme partisanship has become more common, potentially stoking fears among election leaders that domestic Individuals or groups with varying political motivations may act on behalf of their own interests. As the 2024 US elections approach, the fusion of foreign and domestic threats underscores the need for state and local governments to have a comprehensive cybersecurity strategy that includes heightened awareness, collaboration, and resilience from both sides of its borders.
Training and Awareness Deficits Remain
Cybersecurity is as much about human vigilance as it is about technological defenses. However, state and local governments, often lack the financial resources to provide comprehensive training programs that educate staff on the latest cyber threats and preventive measures. As the 2024 election cycle kicks off, only half (50.7%) of respondents say their team has received election-specific cybersecurity awareness training.
Cybersecurity training specific to election threats is crucial to implement as it empowers election officials to identify and mitigate risks unique to electoral processes. Understanding the intricacies of election infrastructure and potential threats ensures a proactive defense against cyber threats that could compromise voter data or influence election results. Additionally, specialized training enables officials to detect and respond swiftly to emerging threats, further preserving the integrity of the democratic process.
As the 2024 elections draw near, the findings of this survey underscore the need for state and local governments to fortify their cybersecurity posture. The challenges are multifaceted, demanding strategic investments in personnel, technology, and training. A comprehensive cybersecurity strategy, fueled by heightened awareness, collaboration, and resilience is paramount to preserving the security of the democratic process in the face of evolving and dynamic cyber threats.
In their 2024 predictions report, Arctic Wolf Labs highlighted that increased cyber activity around 2024 elections as their top threat entering the new year, not only for the United States, but worldwide. Their predictions mirror many of the findings of this survey, highlighting concerns that state-sponsored and espionage threat groups will use the elections for phishing lures and social engineering attacks, while Ransomware-as-a-service (RaaS) groups may also target election infrastructure to disrupt election preparations for financial gain.
For those involved with election processes, their top recommendations to combat election-related threats include:
- Conduct user awareness campaigns to inform users of potential election-themed phishing emails. Be cautious of emails from unknown email addresses that make suspicious or blatantly false claims about the election process.
- Do not click links or open attachments from unsolicited emails. During previous election cycles, threat actors sent invoice-themed phishing emails that contained links to websites intended to steal login credentials. The emails shared similar attachments and used compromised email addresses to disseminate them.
- Ensure employees know the correct process to report suspicious emails to the security team.
- Verify information about election-related incidents and voter information compromise through multiple, reliable sources. The same due diligence should be conducted before sharing or interacting with social media posts or accounts.
For additional information on how to prepare for election-related threats in 2024, check out the complete set of guidance and recommendations provided by Arctic Wolf Labs.
