Why Organizations Are Vulnerable To Cyberattacks During Election Season And The Threats They May Face


By Michelle Drolet

Founder & CEO


Just in time for the 2024 U.S. elections, cyberattacks and malicious activities are ramping up. For numerous reasons, elections are the perfect time for opportunistic cybercriminals to target businesses:

• High visibility: Elections provide an ideal platform for nation-states and hacktivists looking for ways to undermine democracies, destabilize elections, damage reputations and steal campaign data. Since elections have national and global visibility, any damage inflicted could have profound effects and a far-reaching erosion of trust.

• High volume and sensitivity of data: The volume (and sensitivity) of data, emails and transactions associated with elections is so vast that attackers may want to acquire this data for social engineering attacks, espionage, military activities and other malicious purposes.

• High stakes: Elections are the most important event in any thriving democracy. There’s much at stake, including money, trust, government policies and foreign relations. Attackers can leverage these high stakes as a bargaining chip in ransomware attacks and force victims to pay or meet their demands.

• High distractions: A barrage of election-related news, marketing, fundraising and related activities presents threat actors with numerous opportunities to spread disinformation, conceal their malicious acts and disguise their identities. Security teams can also become distracted by election responsibilities, overlooking security measures and proactive monitoring.

Five Major Cyber Threats Organizations Must Be Wary Of During Elections

Cyber threats, attacker techniques and attacker sophistication have evolved and escalated exponentially since the 2020 elections. Let’s explore the top threats organizations or security teams might encounter in the coming months:

1. Social engineering attacks: Phishing is the No. 1 attack vector used to infiltrate organizations. Both Microsoft and Google have issued warnings about foreign-based threat actors creating realistic-looking fake websites and emails purporting to be from legitimate businesses. These social engineering techniques are being used to lure users into downloading or opening attachments.

2. AI-enabled attacks: According to a CISA advisory, threat actors can leverage AI technology in different ways to target election processes and officials, spread disinformation and compromise organizations. Noteworthy use cases include:

  • Manipulating AI algorithms so that AI-based chatbots can spread false information about the time, place or manner of voting.
  • Using voice cloning tools to impersonate key officials, election staff or high-ranking employees to gain access to sensitive information.
  • Developing or enhancing malware that can evade security detection.
  • Creating fake content (audio, video, images) that can be used to harass, impersonate or delegitimize election officials.
  • Fabricating deepfakes to spread false narratives and portray individuals in a false light to mislead voters.
  • Leveraging AI-powered bots to influence voters and mimic human behavior.

3. “Hack and leak” attacks: A method of attack where cybercriminals hack into organizations, steal sensitive data and then disseminate it for political purposes. For example, in the lead-up to the 2016 U.S. election, Russian hackers broke into computers at the DNC and the Democratic Congressional Campaign Committee and stole gigabytes worth of documents. WikiLeaks and other websites tactically timed the release of these stolen documents to smear a candidate. Recently, campaign documents were breached by Iranian hackers.

4. Ransomware attacks: Imagine a scenario where key election officials are locked out of their computers, unable to access or operate systems, while voters are unable to cast votes. Back in 2020, a Georgia county experienced a ransomware attack that affected its voter signature database and voting precinct map. What if a major technology provider serving as a backbone for the 2024 elections is hit by a ransomware attack?

5. Vulnerability exploitation: Many organizations use hardware and software operating with unpatched vulnerabilities. These weaknesses are routinely exploited by adversaries to compromise systems. Earlier this year, ethical hackers reported vulnerabilities in voting machines.

 

How Organizations Can Mitigate These Threats

1. Train the workforce: Deliver election-related security awareness training and phishing simulation exercises. Encourage critical thinking and always verify information with content fact-checking.

2. Validate defenses: Validate your security controls, rules and procedures. Scan and patch vulnerabilities proactively. Conduct penetration testing to assess defense integrity and to identify and root out vulnerabilities.

3. Lock down supply chains: Ensure third-party partners and supply chain processes are protected end to end; ensure suppliers follow industry best practices and best-in-class security. Lay out concise cybersecurity policies they must abide by before accepting your business.

4. Isolate key systems: If your organization supplies or supports electoral processes, isolate those valuable systems to prevent access by attackers.

5. Deploy layered security: Use a combination of security controls such as multifactor authentication (MFA), firewalls, intrusion protection, endpoint detection and response (EDR), etc., to proactively detect threats and block attacks.

6. Data preparedness: Recruit outside experts to help develop more resilient operations and train teams to be extra vigilant during election season. Diligently monitor all known attack surfaces.

 

A cyberattack or a data breach is no longer an issue for just an individual organization but a collective risk for the entire nation because of the various societal, economic and governance implications. Organizations must start acting more responsibly and seek outside help if needed to ensure they enforce security procedures and do their fair share in keeping the nation’s networks and data safe from disruption or interference.

 

This article was originally posted on Forbes Technology Council.