In the lead-up to the 2024 US presidential election, the focus on cybersecurity has become a prominent topic of discussion. With insights gained from working within the intelligence community to support the Department of Defense, there is a particular emphasis on safeguarding election systems at the municipal level, alongside the well-publicized concerns surrounding nation-state misinformation and disinformation.
Despite the attention to cybersecurity threats, there is a level of reassurance from the US Cybersecurity and Infrastructure Security Agency (CISA) regarding the overall security of election infrastructure. According to CISA lead Jen Easterly, the election systems have never been more secure due to the significant resources invested in securing elections over the past decade. However, this does not discount the likelihood of threat actors attempting attacks such as website defacements or distributed denial of service (DDoS) attacks on municipal election websites.
Looking ahead to 2024, there are four primary threats against local election systems that are expected to be in the spotlight:
Voting Machine Hacking:
One of the most high-profile threats is hacking of voting machines, although they are typically not connected directly to the internet, aligning with current cybersecurity guidelines. This means that the most plausible threat would require physical access to the machines. Despite existing cyber vulnerabilities within voting machines, there have been no reported instances of cyberattacks disrupting voting machines or altering votes.
DDoS Attacks:
DDoS attacks pose a frequent threat to US elections, with a significant increase in attacks recorded during the 2022 midterms. While protection services like Google’s Project Shield and Cloudflare offer defenses against DDoS attacks, incidents like the temporary downtime experienced by Mississippi’s election websites in 2022 serve as a reminder of the potential vulnerability. However, CISA and the FBI have assured that DDoS attacks would not hinder the voting process.
Ransomware:
Ransomware disruptions targeting municipalities, a common occurrence, are expected to continue leading up to the elections. Despite ransomware attacks temporarily affecting an election-related system in Georgia, efforts by the FBI and CISA have successfully managed localized attacks with minimal disruption to election operations without compromising voting security or accuracy.
Website Defacement and Email Access:
Attacks involving website defacement and compromised email accounts remain a concern, as they can potentially manipulate information or cause disruptions. Hybrid cyber-physical threats, such as fake bomb threats and targeted attacks using spoofed information, pose additional challenges that could impact polling stations and election operations.
As the threat landscape evolves, the collective efforts of federal, state, local, and tribal governments, as well as international partners, are crucial in safeguarding the integrity of the electoral process. While cyber threats are anticipated in the lead-up to the 2024 election, the existing security measures and collaborative approach across government levels aim to mitigate any potential impact. It’s essential for voters to remain vigilant, stay informed through official sources, and ensure their participation is not disrupted by malicious cyber activities.