In the lead-up to the 2024 U.S. presidential election, foreign actors are increasingly using  harmful cyber activities to undermine its integrity. For years, foreign nations have closely monitored U.S. politics, fully aware of the global impact each administration’s foreign policy can  have. During election periods, however, the American public often overlooks the growing cyber threats facing the nation, as attention turns to domestic issues such as immigration, gun control, healthcare, and climate policy. Nonetheless, the U.S., as a global leader with the power to shape international policies and trends, remains a prime target for foreign governments seeking to influence or monitor its elections.

Methods of Manipulation

Foreign nations have several methods to manipulate U.S. elections. The U.S. State Department refers to these actions as election interference and election influence. Election interference includes tactics like phishing attacks, malware, network infiltration, ransomware or denial-of-service attacks aimed at disrupting the election process. Election influence, on the other hand, involves using “information operations and propaganda to try to shape voter preferences or undermine confidence in the election.” These information operations spread disinformation, utilizing deepfakes, bot networks and fake news, which further undermines the very core of the democratic process. 

• Election Interference: When state and non-state actors use techniques and tactics to disrupt or directly impact the electoral process.

  • Network Infiltration: When an attacker gains unauthorized access to a computer system, network, or application.

  • Phishing Attack: When an attacker pretends to be a trusted source using fake emails, messages or texts to trick someone into giving sensitive information or login details.

  • Malware Attack: Any harmful software created to damage or compromise computer systems, networks or infrastructure without the user knowing.

    • Ransomware: A type of malware that locks a victim's files or systems and demands payment to restore access, usually spread through phishing emails, infected downloads or network vulnerabilities.

    • Distributed Denial-of-Service (DDoS) Attack: An attack where malware spreads to many computers, flooding a website with so much traffic that it becomes difficult or impossible for users to access it.

• Election Influence: When state or non-state actors use techniques and tactics to influence public opinion or erode confidence in the electoral process.

  • Information Operations: Aimed to affect, disrupt or control the decision-making of enemies and possible threats while protecting one’s own decision-making processes.

    • Disinformation: Spreading false or inaccurate information to mislead people.

    • Deepfakes: Images, videos, or audio created or edited by AI tools to depict real people or make fake ones.

    • Bot Networks: A network of hacked computer devices either controlled by an attacker or through the use of malware.

    • Propaganda: A collection of messages, images, and other content shared over time to support a political cause or opinion.

In many cases, it is through these methods that malicious actors can attack the election infrastructure, voter registration databases, and related critical systems such as power grids or transportation networks.

Notable Cases

Election manipulation can be predominantly seen in the 2016 and 2020 U.S. presidential elections. Countries like Russia, China and Iran have used various techniques to influence U.S. elections, aiming to sow discord, undermine democracy or elevate their preferred candidates.

Between 2014 and 2017, for example,“the Russian government directed extensive activity” against the 2016 U.S. presidential election infrastructure. Russian-sponsored hackers were able to compromise not only the Democratic National Committee’s computer network, but also access emails from U.S. citizens and institutions, including political organizations. They used disinformation and social media to turn Americans against each other. 

For instance, Russian actors strategically created two Facebook groups – one named Heart of Texas with 250,000 followers and the other named United Muslims of America with a following of 328,000 – to maliciously organize simultaneous protests outside the Islamic Center in Houston, Texas. While the Heart of Texas demonstrated against the Islamization of Texas, the United Muslims of America boasted of pride to be Muslim and shared Islamic knowledge. This tactic was deceptive and aimed to cause chaos.

Fast forward to 2020 where we saw foreign election meddling escalate significantly with Russia, China and Iran playing roles in attacking the U.S. Russia mirrored its 2016 techniques, while China employed disinformation campaigns, attempted hacking, and even funded campaign efforts. Reports to the U.S. Department of Justice revealed that under the U.S. Foreign Agents Registration Act, China has spent over $280 million in the past six years to influence U.S. politics, more than any other foreign country. Additionally the Federal Bureau of Investigation recorded that 80 percent of economic spying cases handled by the U.S. Justice Department in recent years benefited China in some way. 

Furthermore, China’s influence in America is far greater than it may seem. Beijing and its allies, like pro-China business people, control most of the Chinese-language media in the U.S.. This gives China many chances to shape the narrative and influence how American citizens vote, especially in competitive districts in states like California and New York, where many viewers live. 

Using a different approach in 2020, Iran directly stole U.S. voter registration data. Two Iran-based hackers, Seyyed Mohammad Hosein Musa Kazemi, 24, and Sajjad Kashian, 27, were charged with stealing voter information from at least one state election website and trying to spread false information to damage Americans' trust in the election's integrity. The two obtained information about 100,000 registered voters. This notable case is another example of a foreign nation’s aim to undermine the integrity of our elections. Now, four years later, the threat is still present. 

So far, the biggest foreign influence threat in the 2024 U.S. presidential election has been Russia, especially its hacking groups Energetic Bear and Dragonfly. Russians have used AI and bots to spread propaganda videos with false stories about crime, immigration and the Ukraine war. They have created fake websites that look like U.S. news organizations with the intent to shape public opinion and show misleading pro-Russian information to Americans. AI is most prominently used to enhance pre-existing risks by improving social engineering such as creating deepfakes and information operations, enhancing cyber operations by “mapping out target networks” and attacking the very AI systems being used to protect elections.

Intelligence agencies and security experts confirm that, along with Russia, China and Iran have been involved in trying to manipulate the 2024 U.S. elections. For example, social media posts discussing partisan issues have emerged from Chinese social media accounts, strategically timed before the election. Despite Meta quickly disabling these accounts, the information did make it to the public eye.

In September 2024, the FBI confirmed Iranian hackers attempted to aid the Democratic party, without their knowledge or consent, by stealing information from the Donald Trump campaign. This suggests that Iran may be partial to the Democratic party, likely due to Trump’s history of tough sanctions, pulling out of the 2016 Joint Comprehensive Plan of Action (also known as the Iran Nuclear Deal) and the assassination of top Iranian General Qasem Soleimani in January 2020, further underlining the significance of foreign nations’ motives when  it comes to election meddling.

Foreign meddling in U.S. elections has changed significantly in recent years, with countries like Russia, China and Iran employing various methods to disrupt the electoral process  and influence public opinion. Their tactics, including network infiltration, disinformation campaigns, and data theft, aim to undermine American democracy. As we approach the 2024 presidential election, the threat from these foreign actors remains very real, highlighting the need for strong security measures to protect U.S. elections. Looking at past interference and influence operations helps us understand these countries' goals and the potential impact on American voters and democracy. Moreover, these examples demonstrate how threat actors have already damaged the integrity of American democracy and how they could do so again. These actors operate more subtly than many people realize and, while their targeting of groups like the Democratic National Committee (DNC) or political figures like Trump may seem focused, it ultimately affects the entire U.S. population.

Protecting our Elections

Mitigation strategies to better safeguard data is the key to protecting our elections! While the U.S. government actively provides guidance to stakeholders to proactively strengthen the election infrastructure, it’s worth asking yourself: what can I do? How can I stay informed and help safeguard our elections?

• Raise public awareness about disinformation and media literacy. The more people understand the impact of disinformation and how to spot it, the less likely they are to be misled by these attacks. With this in mind, it is important to:

  • Seek information from trusted sources like official party websites, non-partisan election protection organizations and fact-checking websites.

  • Educate yourself on candidate stances by watching debates and reading candidate statements.

• Make your passwords stronger, enable two-factor authentication and regularly update your software to lower the risk of cyberattacks. These steps make it harder for hackers to access your system and steal data, which helps protect against cyber threats.

• Protect your data by using cybersecurity tools like endpoint detection and response (EDR) or managed detection and response (MDR) services to lower the risk of cyberattacks and data breaches. These tools help you respond quickly to threats, monitor your system, detect risks and offer expert cybersecurity support.

We must remain vigilant and innovative in combating cyber threats during the 2024 election and beyond. As cyber threats become more common, strengthening cyber defenses is essential to prevent mass data breaches, malware attacks and other risks.

Notes 

1 “Election Security: U.S. Government’s Efforts to Protect the 2024 U.S. Election from Foreign Malign Influence,” U.S. Department of State: Foreign Press Centers, September 6, 2024. https://www.state.gov/briefings-foreign-press-centers/protecting-the-2024-election-from-foreign-malign-influence 

2 Ibid. 

3 Ibid. 

4 “Cybersecurity Toolkit and Resources to Protect Elections,” Cybersecurity and Infrastructure Security Agency, n.d..  https://www.cisa.gov/cybersecurity-toolkit-and-resources-protect-elections 

5 Rep, Senate Intel Releases Election Security Findings in First Volume of Bipartisan Russia Report, U.S. Senate Select Committee on Intelligence., 2019. https://www.intelligence.senate.gov/press/senate-intel-releases-election-security-findings-first-volume-bipartisan-russia-report. 

6 Mueller, Robert. S., Rep, Report On The Investigation Into Russian Interference In The 2016 Presidential Election, U.S. Department of Justice., 2019, 1. https://www.justice.gov/archives/sco/file/1373816/dl 

7 Lucas, Ryan, “How Russia Used Facebook To Organize 2 Sets Of Protesters,” National Public Radio, November 1, 2017. https://www.npr.org/2017/11/01/561427876/how-russia-used-facebook-to-organize-two-sets-of-protesters 

8 Ibid.

9  “Cybersecurity and U.S. Election Infrastructure,” Foreign Policy, October 27, 2020. https://foreignpolicy.com/2020/10/27/election-cybersecurity-cyberattack-critical-infrastructure-voting/ 

10 Kurlantzick, Joshua, “China’s growing attempts to influence U.S. politics,” Council on Foreign Relations, October 31, 2022. https://www.cfr.org/article/chinas-growing-attempts-influence-us-politics 

11 Ibid.

12 Ibid.

13 Ibid.

14 “Cybersecurity and U.S. Election Infrastructure,” Foreign Policy, October 27, 2020. https://foreignpolicy.com/2020/10/27/election-cybersecurity-cyberattack-critical-infrastructure-voting/ 

15 Hosenball, Mark, and Lynch, Sarah. N., “U.S. charges Iranians for alleged cyber plot to meddle in 2020 presidential election,” Reuters, November 18, 2021. https://www.reuters.com/world/us/us-charges-iranians-alleged-cyber-plot-meddle-2020-presidential-election-2021-11-18/ 

16 Ibid. 

17 “Election Security: U.S. Government’s Efforts to Protect the 2024 U.S. Election from Foreign Malign Influence,” U.S. Department of State: Foreign Press Centers, September 6, 2024. https://www.state.gov/briefings-foreign-press-centers/protecting-the-2024-election-from-foreign-malign-influence 

18 Parks, Miles, “Latest On Cyberattacks On The U.S. Election,” National Public Radio, October 22, 2020. https://www.npr.org/2020/10/22/926891154/latest-on-cyberattacks-on-the-u-s-election 

19 Nelson, Kurtis, and West, Darrell. M., “Foreign influence operations in the 2024 elections,” Brookings, September 12, 2024. https://www.brookings.edu/articles/foreign-influence-operations-in-the-2024-elections/ 

20 Ibid.

21 Rep, AI and the 2024 election cycle, BAE Systems, 2024, 3-4. file:///Users/makennapetersen/Desktop/AI+and+the+2024+election+cycle_Final.pdf 

22 “Foreign Cyberattacks and Election Security,” Council on Foreign Relations, March 14, 2024. https://education.cfr.org/teach/mini-simulation/foreign-cyberattacks-and-election-security 

23 Ibid. 

24 Ibid. 

25 Tucker, Eric, “The FBI says Iran tried to send hacked files to Democrats. It’s another sign of foreign meddling,” AP News, September 20, 2024.  https://apnews.com/article/iran-fbi-hacking-trump-election-interference-2020-3631e1832a8edb549d53126585503f32