Connect with us

Hi, what are you looking for?



US Government Releases Guidance on Securing Election Infrastructure

New US guidance details foreign malign influence operations to help election infrastructure stakeholders increase resilience.

The US government has issued new guidance to help election infrastructure stakeholders increase their resilience against malign influence operations seeking to undermine trust in democratic institutions.

State-sponsored threat actors from China, Russia, and Iran are known for their hostile efforts to influence US policies and have been observed employing various tactics and techniques to accomplish their goals, CISA, the FBI, and the Office of the Director of National Intelligence (ODNI) note in the guidance (PDF).

“These actors employ a variety of methods to conduct foreign malign influence operations, such as using networks of fake online accounts to pose as Americans; enlisting real people to wittingly or unwittingly promote their narratives; and using proxies to launder their influence narratives through an array of overt and covert proxy websites, individuals, and organizations that appear independent,” the three agencies say.

Since 2016, foreign malign influence campaigns have focused on undermining the public confidence in the US election process and in exacerbating partisan tensions, CISA, FBI, and ODNI say.

State-sponsored threat actors have been observed employing both overt and covert methods as part of these campaigns, including the use of fake social media personas to promote inauthentic narratives, engaging with real people to echo influence messages, and the use of AI tools to generate and spread malign influence content.

Threat actors have been portraying “proxy” media entities as trustworthy outlets to use them for the distribution of influence messages, they have been using voice cloning tools to create fake recordings of officials, and have been using cyber-intrusions together with information operations to achieve their goals.

Additionally, state-sponsored threat actors have been observed creating and spreading false evidence of cyber and physical incidents, including fake “hacked” documents and fake reports, paying influential individuals and organizations, and leveraging social media platforms to increase belief in their campaigns.

To prepare for and respond to foreign malign influence operations, election officials and other election infrastructure stakeholders are advised to proactively debunk potential malign influence narratives, direct audiences to official websites and trusted sources of information, train staff to respond to suspected AI-generated media, and establish relations with local media and community leaders.

Advertisement. Scroll to continue reading.

To secure systems, accounts, and public-facing assets, they should make social media accounts private, harden personal and organizational accounts, use strong cybersecurity protocols, including multi-factor authentication, on all accounts, and should use non-repudiation and authentication techniques to mark their content.

“The elections process is the golden thread of American democracy, which is why our foreign adversaries deliberately target our elections infrastructure with their influence operations. Defending our democratic process is the responsibility of all of us,” CISA senior advisor Cait Conley said.

Related: Five Eyes Agencies Release New AI Security Guidance

Related: US Government Issues New DDoS Mitigation Guidance

Related: US Government Issues Guidance on Securing Water Systems

Written By

Ionut Arghire is an international correspondent for SecurityWeek.


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.


SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.


People on the Move

Digital executive protection services provider BlackCloak has appointed Ryan Black as CISO.

Joe Levy has been appointed Sophos' permanent CEO, and Jim Dildine has been named the company's CFO.

CISA executive assistant director for cybersecurity Eric Goldstein is leaving the agency after more than three years.

More People On The Move

Expert Insights

Related Content

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to and Exchange Online.


US National Cybersecurity Strategy pushes regulation, aggressive 'hack-back' operations.


Companies have announced securing billions of dollars in cybersecurity-related contracts with the United States government in 2022.


Private equity giant plans to buy Forcepoint’s Global Governments and Critical Infrastructure (G2CI) business unit for $2.5 billion.


NIST releases Cybersecurity Framework 2.0, the first major update since the creation of the CSF a decade ago.

Cloud Security

Redmond is accused of “negligent cybersecurity practices” that enabled a successful Chinese hack of the United States government.

Cloud Security

News analysis: SecurityWeek editor-at-large Ryan Naraine reads the CSRB report on China's audacious Microsoft’s Exchange Online hack and isn't at all surprised by the findings.


CISA has described and published a set of principles for the development of security-by-design and security-by-default cybersecurity products.