Connect with us

Hi, what are you looking for?



Cyber Interference – the Changing the Face of Elections

Influential Organizations and Individuals or Those With Ties to Government or Political Institutions May be Targets for Cyber Attacks 

Influential Organizations and Individuals or Those With Ties to Government or Political Institutions May be Targets for Cyber Attacks 

Last fall I wrote about cyber as the latest front on the election battlefield. This was based on two trends that emerged during the 2016 U.S. Presidential election cycle – a series of network breaches that resulted in leaked information, and an uptick in concerns over threats to voting systems. This proved to be a sign of things to come. Since then, similar activities have been reported surrounding elections in The Netherlands and France. With elections coming up in the UK in June and Germany in September what type of cyber interference might we expect? And, more importantly, what steps can we take to mitigate risk?

In the case of the UK elections, two factors are working against cyber attackers – because it is a snap election threat actors haven’t had as much time to prepare, and voting is still paper based. However the UK’s National Cyber Security Centre warns that the political parties themselves remain targets as do parliament, constituency offices, think tanks and individuals’ email accounts. Based on previous observations and reports, following are the most likely activities we can expect to see that could lead to interference with future elections.

Network Intrusions: Network intrusions are typically conducted for intelligence-gathering purposes, potentially with a view to making sensitive information public as part of an influence operation designed to discredit a political candidate. Political parties, government organizations and enterprises with an interest in future policy decisions may be targeted. Social engineering and spear-phishing continue to be the most successful vectors of attacks – a trend that is highly unlikely to change for the foreseeable future.

Public Data Leakage: An ideologically motivated actor may attempt to release sensitive or confidential information citing freedom of information and the fulfilment of a public service. They may obtain this information for the purposes of public data leakage in a variety of ways, including phishing and social engineering attempts, network intrusions and data exfiltration, inadvertent exposure through public facing databases and applications, or even collaborating with insiders to steal documents.

Hacktivism: Hacktivist actors are most often motivated by public attention, either for themselves or the issues they claim to represent. DoS attempts, website defacements and public data leaks achieved through techniques such as SQL injection are the most common types of attacks. Hactivists may also use social media to raise awareness, for example using “tweet storms,” where tweets from multiple Twitter accounts sympathetic to an ideology would be directed at certain targets, or used to start a trend on social media platforms.

False media reports: We’ve heard a lot about “fake news” as of late, but threat actors may indeed disseminate false information to influence public opinion or discredit a particular candidate. They may use a wide variety of media including established online publications, spoof news sites, or through fake social media profiles on LinkedIn, Facebook and Twitter.

Influential organizations and individuals or those with ties to government or political institutions may be targets for such attacks. With knowledge of the types of cyber activities that may occur during election season, here are five steps security professionals can take to mitigate risk. 

Advertisement. Scroll to continue reading.

1. Update security awareness training with adequate phishing training for employees to help reduce the cases of network intrusion and public data leaks. Verizon’s 2017 Data Breach Investigations Report states that social attacks were used in 43% of all breaches with phishing being the most common social tactic, accounting for 93% of such incidents.

2. Properly secure public-facing applications to reduce the possibility of sensitive information being unwittingly shared.

3. Monitor for suspicious activity, such as accessing resources that have not been accessed in the past or at hours when the employee is not typically on the job, to identify a potential insider threat or an instance of credential compromise.

4. Identify instances of fake or spoofed social media profiles for your top executives, other well-known figures in your organization, or the organization itself to stop bad actors from hijacking identities to influence public opinion.

5. Track the emergence of hacktivist actors and dedicated campaigns and assess your level of risk so you take action to proactively strengthen defenses and remediate vulnerabilities.

There have been real concerns about cyber interference with respect to elections, and strong response – from security agencies issuing warnings and advice to remain vigilant against attacks, to the Dutch deciding to count votes manually, in lieu of their usual electronic method, to mitigate any potential for interference. While systems and individuals across a wide swath of organizations are possible targets, “forewarned is forearmed” as the saying goes – there’s much we can do to mitigate risk. 

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...