Cybercriminals: The Major Threat to US Election Security Beyond Russia and China

Throughout the 2024 campaign season in the United States, hackers believed to be backed by Russia, China, and Iran have been particularly active. They have been involved in a range of malicious activities, including compromising digital accounts tied to political campaigns, spreading false information, and probing election systems. However, a report released in early October by the Election Infrastructure ISAC, a group focused on threat-sharing and coordination, cautioned that threats from cybercriminals like ransomware attackers present a more significant risk of disruptive actions compared to foreign espionage tactics.

While state-sponsored actors were emboldened by Russia’s interference in the 2016 presidential election, the report highlights their preference for operations aimed at intelligence gathering and influencing public perception, rather than outright disruptive attacks, which could be interpreted as direct aggression towards the U.S. In contrast, individuals motivated by financial gain or ideology typically focus on causing disruption through methods such as ransomware attacks or DDoS attacks.

This document was initially secured by the nonprofit organization Property of the People, dedicated to advancing national security transparency, and was subsequently reviewed by WIRED. The U.S. Department of Homeland Security, which played a role in developing and disseminating the report, did not respond to requests for comments from WIRED. Additionally, the Center for Internet Security, which manages the Election Infrastructure ISAC, opted not to provide any comments.

According to the alert, “Since the midterm elections in 2022, financially and ideologically motivated cybercriminals have launched targeted attacks against state and local government networks involved in election management.” It further notes, “In some instances, successful ransomware attacks and DDoS actions on this infrastructure have resulted in delays to election-related processes in the impacted states or localities, yet they have not undermined the integrity of the voting systems … Nation-state affiliated cyber operatives have refrained from disrupting U.S. electoral infrastructure, despite engaging in reconnaissance and occasionally gaining access to non-voting systems.”

According to statistics from the Department of Homeland Security outlined in the report, a significant majority of “cyber threats to elections” were thwarted attempts by unidentified individuals, accounting for 95 percent of cases. Known perpetrators made up 2 percent of failed attempts, while 3 percent resulted in successful breaches, aimed at accessing systems or causing disruptions. The report underscores the importance of sharing threat intelligence and collaboration among local, state, and federal entities in preventing breaches and mitigating the repercussions of successful attacks.

Typically, state-sponsored hackers may heighten geopolitical tensions through aggressive digital espionage; however, their actions aren’t necessarily escalatory as long as they adhere to established espionage protocols. In contrast, criminal hackers face no such limitations and may draw substantial attention to their actions if their operations are excessively disruptive, potentially provoking a response from law enforcement.

The report references an incident from March, where an unidentified county in the US “suffered a ransomware attack that compelled it to acquire new networking equipment and reestablish connections to the state election system.” Such incidents, especially if they occur near Election Day, could severely hinder the voting process.

In a broader context, concerns regarding domestic security in relation to the upcoming 2024 election have surged, leading to what the DHS refers to as a “heightened threat environment.” Recent reporting by WIRED disclosed that the agency has been issuing alerts to law enforcement across the nation since the summer, prompted by the alarming mobilization efforts of certain extremists aiming to incite violence against public officials and targeting US voter ballots for destruction.

Increasing concerns have emerged regarding propaganda urging Americans to partake in a “civil war.” This alarming narrative is seen by the DHS as heightening the likelihood of domestic attacks. Threats related to what the government identifies as “immigration-related grievances”—including the misleading narrative of a “migrant invasion,” a key element in Donald Trump’s reelection strategy—have escalated this year. These threats have also spread to involve federal judges and border patrol officers, who are labeled as “traitors” by some antigovernment factions.

“Targeted violence and terrorism linked to ideologically driven individuals will persist as a threat throughout the 2024 election cycle,” states another intelligence report acquired by WIRED. The report also cautions that “insider threats” related to US election systems are “likely to present challenges.”

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Article

Limited-Time Discount: Target's Exclusive Shadow The Hedgehog Lego Set Just Weeks Post-Release!

Next Article

'BBL Drizzy': Pioneering the Future of AI-Generated Music

Related Posts