With a historic number of global elections scheduled for 2024, involving around two billion voters, the stage is set for unprecedented opportunities for state-sponsored actors to disrupt democratic processes. According to a new report from Mandiant titled ‘Poll Vaulting: Cyber Threats to Global Elections’, these actors are poised to use sophisticated cyber tactics to influence elections and sow discord across continents.
The report highlights a disturbing trend of increasing cyber threat activity targeting election campaigns, news organizations, social media platforms, and political parties. These threats include data theft, distributed denial-of-service (DDoS) attacks, and hack-and-leak operations, which are expected to be used in coordinated campaigns to amplify their impact on public perception and trust.
“With over 50 elections set to take place globally in 2024, we have never been more vulnerable to state-sponsored cyber operations aimed at destabilizing elections,” the report warns. It assesses with high confidence that the greatest threat to this year's elections comes from state actors such as Russia and Iran, who have historically engaged in such activities.
Mandiant's analysis of past election interference shows that these actors have refined their techniques since major events like the 2016 U.S. Presidential election and the Brexit referendum. "But 2024 will give hostile nations another opportunity to test the techniques they have refined since then, pioneering new and innovative methods to influence voter opinion and attempt to elect those with shared sympathies, or those who will destabilize security-oriented multinational organizations," the report states.
Jamie Collier, Mandiant Senior Threat Intelligence Advisor EMEA at Google Cloud, highlighted the critical nature of these threats. “Russia remains the most serious threat to Europe in the runup to the European Parliament elections," he said. "Russian operations will likely take place across Europe and attempt to undermine support for Ukraine, NATO, and the EU.”
Additionally, the report underscores the effectiveness of DDoS attacks in undermining the trust in infrastructure, particularly when used in prolonged campaigns. Such tactics were notably employed by the Russian Main Intelligence Directorate (GRU) against Ukrainian financial services in the run-up to its invasion of Ukraine.
Madison Horn, a Congressional Candidate in Oklahoma, emphasized the critical need for action against misinformation and disinformation campaigns. "These campaigns, which meticulously erode trust in governmental institutions and corrupt democratic processes, pose a severe threat that transcends political lines and demands immediate action," Horn stated.
She further stressed the importance of electing officials who understand the complexity of these modern challenges and are committed to implementing robust cybersecurity measures, enhancing digital literacy, and fostering international cooperation to counteract the pervasive influence of state-sponsored disinformation.
The need for vigilant populations and experienced defenders has never been greater. Understanding the complex web of threats to elections and hardening infrastructure against cyberattacks are crucial steps in blunting the effect that state-sponsored attackers can have on the democratic processes.