The threat-informed defence company, Tidal Cyber, has released its inaugural study into global election cyber interference threats scheduled for 2024. Titled 'Election Cyber Interference Threats & Defences: A Data-Driven Study', it provides a comprehensive analysis of cyber threats, pinpoints potential interference hotspots, and offers a prioritised list for defence against these threats.
Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber, states, "Tidal Cyber assesses a considerable threat of cyber interference – malicious activities targeting the technical aspects of election processes – affecting global elections this year. Considering that 2024 is a historic year for elections, based on our report, the findings have significant implications threatening to undermine confidence in voting processes or even alter electoral outcomes." He elaborates that cyber actors aligned with several adversarial nations continue to modify their tactics to disrupt elections increasingly.
The report spotlights several key findings. It lists the top ten countries facing the highest cyber interference threats: the US, the UK, South Korea, India, Belgium, Pakistan, Belarus, Mexico, Georgia, and Indonesia. Sadly, 27% of countries holding national elections this year face the highest threat levels from multiple adversary groups, including several state-backed groups from adversarial nations.
The top offenders, namely Russia, China, Iran, and North Korea, use cyber interference for disinformation, espionage, and potential disruption of actual electoral processes. Shockingly, nearly two-thirds (64%) of countries voting this year face at least one state-backed cyber threat actor linked to these three nations.
Most notably, Pakistan, Indonesia, Venezuela, Uzbekistan, India, Belarus, and Ethiopia face significant interference threats - largely due to concerns surrounding their digital infrastructure related to their electoral processes.
The report also highlights alarming trends in election cyber interference tactics, such as the adoption of AI technology to make phishing and social engineering attacks more convincing. There's also the resurgence of politically motivated denial of service and defacement attacks, increased credential abuse, and a rise in ransomware and extortion attacks.
Tidal Cyber recommended a series of defences around the observed cyber interference tactics. "Defenders must prioritize regular review and reinforcement of identity security controls, software and application security configuration policies, and endpoint and network threat prevention technology to defend against election interference threats from top adversaries," Small urges.
The company has also developed a unique methodology called the 'Election Cyber Interference Threat Rankings' to estimate the relative threat of interference in elections in more than 60 countries this year. This tool considers the prevalence of cyber adversaries, including specific threat groups and adversaries associated with well-known cyber interference offenders and priority adversary countries.
Tidal Cyber's full range of defence recommendations against these pressing cyber threats, and their complete "Election Cyber Interference Threats & Defenses" report, is available for further understanding of the gravity of this growing global concern.