The EI-ISAC® is a community of dedicated election officials and cybersecurity professionals working side-by-side to ensure the integrity of elections among U.S. State, Local, Tribal, and Territorial (SLTT) governments. The 5^th of November 2024 is a significant day in the US – Americans will be choosing who will be the 47^th President of the country. As the day approaches, various threats become more prominent and we asked John Cohen, Executive Director, Program for Countering Hybrid Threats at the Center for Internet Security, to provide some insights about the cyberthreat landscape.

1. Could you tell us about the key threats that have come to the fore as the US election approaches? Could you explain why you believe that cyber and physical threats are not mutually exclusive?

Key threats for the 2024 General Election are cyber, physical, insider, foreign malign influence and election process disruptions (swatting, bomb threats, doxing, white powder in envelopes and large gatherings/protests).

2. Has this year been different from other US election years in terms of cyber threats? Have any new ones emerged?

The mail cyber threats faced by election officials this year are: phishing, data leaks, Distributed Denial of Service (DDoS), ransomware and Generative Artificial Intelligence (GenAI).  GenAI is the new threat during this election cycle. GenAI amplified existing threats. In the election environment, GenAI can:

• Be used to create images, text and videos that can be used against election offices. Deepfakes are videos of recognisable people, but the actions and words are created using Generative AI.
• Be used to create inaccurate news articles and social media content that can manipulate voters.
• Pose a risk to elections due to its ability to quickly generate and spread inaccurate content and misleading materials.
• Be used to create phishing emails targeting election officials and their offices.

3. What could voters do to become more resilient to cyber threats during the election period?

In order to become more resilient to cyber threats during the election period, voters should:

• Practice good cyber hygiene (strong passwords, multi-factor authentication).
• Question what they see on social media and know where to go to get accurate information about the election (state and/or local election officials) or other trusted sources.

 

This article was published as we explore CTI with SOCshare project. The project is part-funded by the European Union. The views and opinions expressed are those of the authors alone and do not necessarily reflect the views and opinions of the European Union or the European Cyber Security Centre of Excellence. Neither the European Union nor the European Cyber Security Centre of Excellence can be held responsible for them.