Tidal Cyber Releases Inaugural Election Cyber Interference Threat Research Report
WASHINGTON, Feb. 8, 2024 /PRNewswire/ --Tidal Cyber, the threat-informed defense company, today released a new report, Election Cyber Interference Threats & Defenses: A Data-Driven Study, providing a comprehensive look at cyber threats to global elections in 2024 and insights on prioritizing defenses against top adversaries and election interference tactics, techniques, and behaviors (TTPs). Tidal's study leans on actual data and evidence to pinpoint the most notable potential hotspots for interference, spotlight known and emerging interference TTPs, and use those insights to provide a prioritized list of relevant guidance.
"Tidal Cyber assesses a considerable threat of cyber interference – malicious activities targeting the technical aspects of election processes – affecting global elections this year," said Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber. "Considering that 2024 is a historic year for elections, based on our report, the findings have significant implications threatening to undermine confidence in voting processes or even alter electoral outcomes. We assess that cyber actors aligned with multiple adversarial nations are continuing to evolve their TTPs to attack both historical and new targets for election-related interference successfully."
Key findings include:
- The report identifies the top ten countries facing the highest election cyber interference threats: the US, the UK, South Korea, India, Belgium, Pakistan, Belarus, Mexico, Georgia, and Indonesia.
- A concerning 27% of countries with 2024 national elections face the highest threat levels, facing multiple priority adversary groups and many state-backed groups associated with priority adversary countries.
- The four priority adversary countries (Russia, China, Iran, and North Korea) are using cyber interference for disinformation and espionage and to potentially disrupt actual electoral processes, such as voting, or manipulate results.
- Most voting countries this year face at least some interference threat: Nearly two-thirds (64%) face at least one state-backed cyber threat actor attributed to the three top offenders (Russia, China, or Iran).
- The study also reveals an alarming trend: Pakistan, Indonesia, Venezuela, Uzbekistan, India, Belarus, and Ethiopia face considerable interference threats and, most vital, underlying concerns with digital infrastructure related to electoral processes.
The report identifies trends in election cyber interference TTPs by analyzing dozens of historical instances since 2008, including the adoption of generative AI technology to make phishing and social engineering, the most common form of election-related cyber attack, more convincing. Additionally, Tidal's research highlights adversaries adopting new techniques and external factors to continue to make social engineering attacks successful despite improved defenses, spotlights credential abuse attacks on the rise, the resurgence of politically motivated denial of service and defacement attacks, and high levels of ransomware and extortion attacks.
Tidal also prioritized defensive recommendations around the most prominent TTPs observed across nine election cyber interference attack methods to provide guidance and best practices. Defenders must prioritize regular review and reinforcement of identity security controls, software and application security configuration policies, and endpoint and network threat prevention technology to defend against election interference threats from top adversaries. As relevant adversaries evolve to evade the latest defenses, they are explicitly threatening distinct election cyber interference attacks. Following these recommendations is mission-critical to protect organizations and personnel involved in election and election-related content.
Tidal Cyber has developed a new methodology for estimating the relative threat of interference in elections in more than 60 countries in 2024, "Election Cyber Interference Threat Rankings," which measures the prevalence of cyber adversaries facing countries with national polls this year, including specific offender threat groups and adversaries associated with the top top-known cyber interference offenders and priority adversary countries.
Get Informed and Take Action
For an in-depth understanding of these pressing cyber threats and to access Tidal Cyber's full range of defense recommendations, download the complete "Election Cyber Interference Threats & Defenses" report at https://www.tidalcyber.com/election-cyber-interference-threats-and-defenses.
About Tidal Cyber
Founded in January 2022 by a team of threat intelligence veterans with experience at MITRE, the U.S. Department of Homeland Security, and a wide range of innovative security providers, Tidal Cyber enables businesses to implement a threat-informed defense more quickly and efficiently. Tidal helps its customers map the security requirements and capabilities of their unique environment against the industry's most complete knowledge base of adversary TTPs, including the MITRE ATT&CK® knowledge base, additional open- source threat intelligence sources, and a Tidal-curated registry of security products mapped to specific adversary TTPs. Learn more at https://www.tidalcyber.com.