Introduction
The 2024 US presidential election is anticipated to be a focal point for cyber interference by foreign adversaries, particularly pro-Russian and pro-Palestinian hacktivists. These groups aim to disrupt the electoral process through various cyber tactics, including disinformation campaigns, doxing [3], and hack-and-leak operations [3], with the intent to influence public perception and undermine confidence in the democratic process.
Description
Pro-Russian hacktivists are expected to target the 2024 US presidential election [3], aiming to disrupt the public sector on election day [3]. These groups may engage in doxing of election officials [3], political candidates [1] [2] [3], and journalists [3], intending to intimidate or embarrass them as part of a protest against US foreign policy regarding Ukraine [3]. There is a potential for “hack-and-leak” operations [3], where compromised data is released to influence public perception [3]. Recently, a presidential candidate’s phone was hacked [1] [2], and a fake video falsely depicting ballots being burned in Pennsylvania circulated [1] [2], highlighting the tactics employed by these adversaries. National security officials have warned that US adversaries [1] [2], particularly Russia [1] [2], China [1] [2], and Iran [1] [2], are intensifying efforts to interfere in American politics ahead of the election [1] [2]. Despite assurances that the US election system is secure and that no foreign nation could significantly alter results [1], disinformation and cyberespionage are being used to target campaigns and voters [1], fostering distrust [1].
Russia is identified as the primary threat [2], utilizing fake websites and state-controlled media to disseminate misleading content aimed at undermining confidence in the electoral process [2]. Intelligence officials have determined that Russia supports former President Donald Trump and is using disinformation [1] [2], including AI-generated content [1] [2], to attack his Democratic opponent [2], Vice President Kamala Harris [1] [2]. Notable incidents include a staged video falsely accusing Harris of causing a car crash and another video alleging the destruction of mail ballots in Pennsylvania [1], which was debunked by local officials [1]. The FBI has confirmed Russia’s involvement in creating the video that falsely shows the destruction of mail ballots [2]. Post-election [1] [2] [3], Russia is expected to exploit claims of irregularities to undermine trust in the results and may incite violent protests [1]. Historically [3], politically motivated hacktivists have focused on election-related targets [3], although their attacks are often sporadic and less impactful than other cyber threats [3].
In addition, pro-Palestinian hacktivists are likely to disrupt the election process [3], motivated by Iran’s interests and the ongoing Middle East conflict [3]. Their tactics may include DDoS attacks [3], web defacement [3], and doxing [3], with a particular emphasis on hack-and-leak operations [3]. Iran has engaged in hacking operations targeting Trump campaign associates and attempting to leak damaging communications to media outlets [2]. The Justice Department has charged three Iranian hackers for a years-long operation aimed at influencing the election [2], which Iran perceives as critical [2]. US officials have expressed concerns about potential violence orchestrated by Iran against Trump or his administration [2], including indications that Iran may encourage protests after the election [1].
Recent trends indicate that Iranian state-sponsored cyber units are using pro-Palestinian personas to conduct more sophisticated attacks [3]. Collaboration between Russian and pro-Palestinian threat actors has also been observed [3], likely due to their strengthening geopolitical relations [3]. Meanwhile, China appears to be taking a more neutral stance in the election [2], focusing on down-ballot races and targeting candidates based on their positions on issues important to Beijing [1] [2]. Chinese hackers have reportedly targeted cellphones used by Trump [1] [2], his running mate JD Vance [1], and individuals associated with Harris’ campaign [1], although the extent of the data accessed remains unclear [2]. The threat landscape is expected to escalate following recent US sanctions against Iran [3], which may provoke retaliatory actions from these hacktivist groups [3]. The US government has been proactive in addressing foreign threats this election cycle [1], learning from past experiences of interference [1].
Conclusion
The anticipated cyber interference in the 2024 US presidential election underscores the persistent threat posed by foreign adversaries seeking to undermine democratic processes. While the US election system is deemed secure, the spread of disinformation and cyberespionage remains a significant concern. Mitigation efforts by national security agencies are crucial to safeguarding the integrity of the election. Continued vigilance and proactive measures will be essential in countering these threats and ensuring public confidence in the electoral process.
References
[1] https://www.theintelligencer.net/news/top-headlines/2024/10/foreign-threats-to-the-us-election-are-on-the-rise-and-officials-are-moving-faster-to-expose-them/
[2] https://apnews.com/article/trump-harris-russia-iran-china-disinformation-election-6f4cb99be3facb08c58cecd11b2c5d41
[3] https://www.cybersecurityintelligence.com/blog/2024-us-presidential-election-cyber-intrusion-part-4—rising-hacktivist-threats-8013.html
