Election Cyber Interference Threats & Defenses: A Data-Driven Study
Download this new report for a comprehensive look at cyber threats to global elections in 2024 and insights on how to prioritize defenses against top adversaries & election interference TTPs.
Global elections in 2024 face a considerable threat of cyber interference
Our latest report dives deep into the cyber adversaries most likely to target elections for interference this year and the attack methods they are likely to use. We introduce a new methodology for estimating the threat of interference in elections in more than 60 countries, finding that most face at least some interference threat and over a quarter face the highest threat levels.
- The 10 countries facing the highest levels of election cyber interference threats are: the United States, United Kingdom, South Korea, India, Belgium, Pakistan, Belarus, Mexico, Georgia, and Indonesia
- 16 countries (27%) face multiple priority adversary groups, as well as many groups associated with priority cyber interference offender countries (Russia, China, Iran, and North Korea)
Tidal’s study also identifies trends in election cyber interference tactics, techniques, & procedures, based on analysis of dozens of historical instances since 2008. We also provide defenders with prioritized security guidance helpfully mapped to specific community resources such as popular control frameworks.
- Adversaries are continuing to evolve their TTPs for social engineering & email-based attacks and will likely use these attack methods to target new & historical targets for election interference in 2024.
- The threat of a newer TTP for election-related activity–credential abuse attacks–appears to be rising.
- The resurgence of politically-motivated denial-of-service & defacement attacks increases concerns for disruption and could heighten the impact of influence operations this year.
- Continued high levels of ransomware & extortion attacks, including from groups that disproportionately affect state & local government institutions, threaten to disrupt election infrastructure even if the attacks aren’t motivated by political goals.
About the Author
Scott Small is Director of Cyber Threat Intelligence at Tidal Cyber. Scott is a career intelligence researcher & analyst and an expert in cyber threat intelligence & threat profiling, open source research & investigations, and data analysis & automation. He has advised enterprise and public sector security teams across maturity levels on technical and strategic applications of intelligence and on using technology to help identify and mitigate organizational risk.
Throughout his career, Scott has briefed and trained large and small audiences and has presented original content at major security conferences and industry events. He is also an active member of the professional security & intelligence communities, contributes to community projects, and has published several independent projects, tools, & resources.