The issues of outside interference in U.S. elections and the security of the systems behind them have been talked and debate for at least a decade and promise to be at the forefront again as the country gears up for what promises to be a pivotal election year in 2024.
Local and state government leaders whose jobs are to ensure the integrity of elections in their jurisdictions say they are feeling unprepared and ill-trained to push back against the myriad cyberthreats they'll face this year.
That's according to a survey of more than 130 such leaders - including those involved in IT and cybersecurity - conducted by cybersecurity firm Arctic Wolf and the Center for Digital Government.
According to the results released this week, almost 60% of such officials in city, county, and state offices said they are not or somewhat prepared to detect and respond to cybersecurity incidents that target elections, even as almost 82% of all those surveyed said they expect the number of cyber incidents will grow this year compared with 2020 or remain about the same.
The concerns are more than about money.
Almost 54% of officials the budgets for elections teams were adequate or mostly adequate to address cybersecurity concerns around the 2024 election cycle.
Training is an issue, Marrè said, noting that while 50.7% of respondents said their elections teams get training in cybersecurity awareness specific to elections, another 23.5% said their workers did not.
25.7% said they didn't know whether training was done.
This is particularly concerning given that the last two elections illustrated how dangerous misinformation was when it comes to elections, he said.
Previous election cycles have shown how bad actors foreign and domestic can interfere with local and national elections, from spreading disinformation to hampering voting systems.
With the rapid growth of generative AI, new threats like deepfakes and voice cloning present even new challenges.
In its threat assessment for 2024, the Department of Homeland Security said it expects threat actors to converge on elections this year with a broad array of attack tactics.
The same day that Arctic Wolf released its survey results, the Justice Department outlined efforts by its Civil Rights, Criminal, and National Security divisions and U.S. Attorneys' office to ensure all qualified voters can cast ballots safely and to ensure the country's elections are secure and free from foreign interference.
For its part, Arctic Wolf tagged election interference in the United States and abroad as a top threat for 2024, noting that state-sponsored and espionage groups will use elections for phishing lures and social engineering, while ransomware-as-a-service groups likely will target elections systems for financial gain.
Disinformation and influence operations will be run and with the accelerated streamlining of generative AI, it will be another weapon for bad actors.
For those surveyed by Arctic Wolf, the top threats they worry about are disinformation, phishing attacks targeting election staff, and hacks on election systems, processes, or websites.
The local and state officials also see the threats coming from a range of regions, with 30.1% of respondents pointing to China as the area of most concern.
Coming in second was the United States, at 19.9%, followed by Russia at 19.1%. Their ranking of China and the United States as the top two threats surprised Marrè.
Arctic Wolf outlined a number of steps that can be taken to strengthen election operations against cyberthreats, including running user security awareness programs focused on election-themed phishing emails, instructing team members not to click on links or open attachments in unsolicited emails - a typical way bad actors get into IT systems - and ensure that workers understand the process of reporting suspicious emails to their security teams.
Election teams also should consider working with a cybersecurity vendor, Marrè said.
This Cyber News was published on securityboulevard.com. Publication date: Tue, 09 Jan 2024 19:13:04 +0000