Survey: Election Workers Feel Unprepared for Upcoming Cyberthreats – Source: securityboulevard.com

The issues of outside interference in U.S. elections and the security of the systems behind them have been talked and debate for at least a decade and promise to be at the forefront again as the country gears up for what promises to be a pivotal election year in 2024.

However, local and state government leaders whose jobs are to ensure the integrity of elections in their jurisdictions say they are feeling unprepared and ill-trained to push back against the myriad cyberthreats they’ll face this year.

That’s according to a survey of more than 130 such leaders – including those involved in IT and cybersecurity – conducted by cybersecurity firm Arctic Wolf and the Center for Digital Government.

According to the results released this week, almost 60% of such officials in city, county, and state offices said they are not or somewhat prepared to detect and respond to cybersecurity incidents that target elections, even as almost 82% of all those surveyed said they expect the number of cyber incidents will grow this year compared with 2020 or remain about the same.

Only about 3% believe the number will drop.

Budgets, Training are Concerns

In addition, the concerns are more than about money. Almost 54% of officials the budgets for elections teams were adequate or mostly adequate to address cybersecurity concerns around the 2024 election cycle. That said, another 36% indicated that their budgets were somewhat adequate or inadequate.

“I was surprised to see half of the respondents perceive their budgets as adequate, yet a notable group remains underfunded which is cause for concern,” Arctic Wolf CISO Adam Marrè told Security Boulevard. “But even more concerning is the overwhelming feeling of under preparedness. This underlines the call for improvement in personnel training and technology investments.”

Training is an issue, Marrè said, noting that while 50.7% of respondents said their elections teams get training in cybersecurity awareness specific to elections, another 23.5% said their workers did not. In addition, 25.7% said they didn’t know whether training was done. This is particularly concerning given that the last two elections illustrated how dangerous misinformation was when it comes to elections, he said.

“Moreover, with the rise of AI, there is more potential for emerging threats, such as well-crafted phishing emails and deepfakes of government employees that can mimic them through voicemails,” Marrè said. “Now more than ever, there are blurred lines between what’s real and what’s not. Government employees need to be aware of these risks and equipped to identify and address them.”

Previous election cycles have shown how bad actors foreign and domestic can interfere with local and national elections, from spreading disinformation to hampering voting systems. With the rapid growth of generative AI, new threats like deepfakes and voice cloning present even new challenges.

The Threat is Real

In its threat assessment for 2024, the Department of Homeland Security said it expects threat actors to converge on elections this year with a broad array of attack tactics.

“Our electoral processes remain an attractive target for many adversaries, and we expect many of them will seek to influence or interfere with the 2024 election,” DHS wrote in the report, adding that the threat will range from domestic extremist groups to international rivals like Russia and China. “Nation-state threat actors likely will seek to use novel technologies and cyber tools to enhance their capabilities and malign influence campaigns, ultimately to undermine our confidence in a free and fair election. Cyber actors likely will seek to exploit election-related networks and data, including state, local, and political parties’ networks and election officials’ personal devices and e-mail accounts.”

The same day that Arctic Wolf released its survey results, the Justice Department outlined efforts by its Civil Rights, Criminal, and National Security divisions and U.S. Attorneys’ office to ensure all qualified voters can cast ballots safely and to ensure the country’s elections are secure and free from foreign interference.

For its part, Arctic Wolf tagged election interference in the United States and abroad as a top threat for 2024, noting that state-sponsored and espionage groups will use elections for phishing lures and social engineering, while ransomware-as-a-service (RaaS) groups likely will target elections systems for financial gain. Disinformation and influence operations will be run and with the accelerated streamlining of generative AI, it will be another weapon for bad actors.

“This is a new reality and it’s time for government institutions to come to terms with that,” Marrè said. “This starts with state and local government organizations making sure all employees are receiving the proper training ahead of the election. By giving them the proper tools, such as MFA [multifactor authentication] and security awareness training, we can greatly decrease cyber risk and help protect our democracy.”

Disinformation is the Top Worry

For those surveyed by Arctic Wolf, the top threats they worry about are disinformation (50.7%), phishing attacks targeting election staff (47.1%), and hacks on election systems, processes, or websites (45.6%).

“For disinformation campaigns, AI algorithms can now be trained to analyze vast amounts of data, identify trends, and mimic human behavior on social media platforms,” the survey authors wrote. “By deploying AI-driven bots or deepfake technologies, malicious actors can flood online spaces with misleading narratives, fabricated stories, and manipulated media.”

The local and state officials also see the threats coming from a range of regions, with 30.1% of respondents pointing to China as the area of most concern. However, coming in second was the United States, at 19.9%, followed by Russia at 19.1%. Their ranking of China and the United States as the top two threats surprised Marrè.

“We often see China and Russia tagged as potential sources of interference, but it is just as important to recognize concerns about the U.S. to ensure well-rounded protection against foreign and domestic threats surrounding elections,” he said. “Increased awareness helps mitigate any blind spots.”

Next Steps

Arctic Wolf outlined a number of steps that can be taken to strengthen election operations against cyberthreats, including running user security awareness programs focused on election-themed phishing emails, instructing team members not to click on links or open attachments in unsolicited emails – a typical way bad actors get into IT systems – and ensure that workers understand the process of reporting suspicious emails to their security teams.

Election teams also should consider working with a cybersecurity vendor, Marrè said.

“Many local and state governments have technology leaders who are straddling both IT and security responsibilities, leaving them overwhelmed and overburdened,” he said, adding that the situation causes “unpatched vulnerabilities and gaps in security coverage. Working with a cybersecurity vendor is key for addressing these pain points.”