The cyber threats to 2024's elections

With many countries around the world holding elections this year, Tidal Cyber has released a new report looking at the threats to global elections and offering insights on prioritizing defenses against top adversaries and election interference tactics, techniques, and behaviors.

The report identifies the top ten countries facing the highest election cyber interference threats this year as: the US, the UK, South Korea, India, Belgium, Pakistan, Belarus, Mexico, Georgia, and Indonesia.

The report finds 27 percent of countries with 2024 national elections face the highest threat levels, facing multiple priority adversary groups and many state-backed groups associated with priority adversary countries. The four priority adversary countries (Russia, China, Iran, and North Korea) are using cyber interference for disinformation and espionage and to potentially disrupt actual electoral processes, such as voting, or manipulate results.

"Tidal Cyber assesses a considerable threat of cyber interference -- malicious activities targeting the technical aspects of election processes -- affecting global elections this year," says Scott Small, director of cyber threat intelligence at Tidal Cyber. "Considering that 2024 is a historic year for elections, based on our report, the findings have significant implications threatening to undermine confidence in voting processes or even alter electoral outcomes. We assess that cyber actors aligned with multiple adversarial nations are continuing to evolve their TTPs to attack both historical and new targets for election-related interference successfully."

Most countries voting this year face at least some interference threat. 64 percent face at least one state-backed cyber threat actor attributed to the three top offenders (Russia, China, or Iran). Pakistan, Indonesia, Venezuela, Uzbekistan, India, Belarus, and Ethiopia face considerable interference threats and, most vital, underlying concerns with digital infrastructure related to electoral processes.

Tidal’s research highlights adversaries adopting new techniques -- including generative AI -- and external factors to continue to make social engineering attacks successful despite improved defenses. It highlights credential abuse attacks on the rise, the resurgence of politically motivated denial of service and defacement attacks, and high levels of ransomware and extortion attacks.

Go to the Tidal site to get the full report, including recommendations for defending against attacks and protecting organizations and personnel involved in elections and election-related content.

Image credit: Syda Productions/Dreamstime.com