DDoS, data theft, hack and leaks aplenty— why the 2024 elections could be the most targeted yet

US, Europe, Russia
(Image credit: Shutterstock)

With over 50 elections set to take place around the globe in 2024, around two billion people will head to the polls before the year is out.

There has never been a better opportunity for state-sponsored actors to influence the elections, test out new techniques to polarize society and generally destabilize their rivals.

A new Mandiant report, titled ‘Poll Vaulting: Cyber Threats to Global Elections’, sees its researchers assess with high confidence that the greatest threat to elections this year are state-sponsored actors.

Russia and Iran linked actors

2016 was the last big year for election interference campaigns, particularly for Russia, whose interference has been alleged in both the year's Brexit referendum and in the US Presidential election under a program supposedly called 'Project Lakhta'.

But 2024 will give hostile nations another opportunity to test the techniques they have refined since then, pioneering new and innovative methods to influence voter opinion and attempt to elect those with shared sympathies, or those who will destabilize security-oriented multinational organizations.

Intelligence gathered by Mandiant on previous elections shows that election campaigns and voters are hardest hit by cyber-threat activity, with news organizations, social media platforms, interest groups and donors, and political parties themselves being the most likely victims of cyber threat activity.

Data theft, distributed-denial-of-service (DDoS) attacks, hack and leak operations, and various information operation (IO) campaigns using social media are all ranked as some of the most likely tactics used to effect election campaigns and voters, with Mandiant assessing that these could be used in layered campaigns that each seek to magnify the effect of each other.

Election

(Image credit: Free)

Mandiant highlights that DDoS attacks in particular are effective at undermining the trust in infrastructure, particularly when used in protracted campaigns, with the Russian Main Intelligence Directorate (GRU) using DDoS attacks against Ukrainian financial services to sow panic in the run up to its invasion of Ukraine.

While Mandiant assesses the tampering of electronic voting machines, as well as cyberattacks against the organizations that manufacture the hardware and software used in them as having a very high magnitude of disruption, there has been no observed occurrence of this happening in the wild, meaning the possibility of this occurring is assessed as low.

Vigilant populations and experienced defenders are the best defense against election interference, Mandiant says, stating that understanding the complex mesh of threats to elections alongside hardening infrastructure against cyberattacks can contribute to bluntening the effect that state-sponsored attackers can have on elections.

Jamie Collier, Mandiant Senior Threat Intelligence Advisor EMEA, Google Cloud provided some perspective on the types of threats set to face the West, “Russia remains the most serious threat to Europe in the runup to the European Parliament elections. Russian operations will likely take place across Europe and attempt to undermine support for Ukraine, NATO, and the EU. Russia-nexus groups, such as APT44, have a track record of combining espionage campaigns, destructive operations, and spreading disinformation."

“This means Europe must not only prepare for a variety of cyber risks, but also understand how they come together. Hack and leak operations are one example of this in action: sensitive information stolen through a network intrusion boosts the effectiveness of subsequent information operations that can leverage authentic documents to maximise societal disruption,” Collier continued.

“Information operations and disruptive cyber campaigns thrive when their impacts are built up. This makes objective analysis of election cyber threats vitally important. Understanding the threats to elections provides an opportunity to build a more tailored and proactive security posture. This empowers democracies to meet these challenges head on.”

More from TechRadar Pro

Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.

Read more
An illustration of a silhouetted thief in motion running while carrying a stolen fingerprint
The 5 worst cyberattacks of 2024
ransomware avast
“Every organization is vulnerable” - ransomware dominates security threats in 2024, so how can your business stay safe?
Crowdstrike logo
Will Chinese cyberespionage be more aggressive in 2025? CrowdStrike thinks so
A digital representation of a lock
Exploits on the rise: How defenders can combat sophisticated threat actors
Representational image of a hacker
The 10 worst software disasters of 2024: cyberattacks, malicious AI, and silent threats
Flags of Iran, China, Russia and North Korea on a wall. China North Korea Iran Russia alliance
Cybercrime is helping fund rogue nations across the world - and it's only going to get worse, Google warns
Latest in Pro
Finger Presses Orange Button Domain Name Registration on Black Keyboard Background. Closeup View
I visited the world’s first registered .com domain – and you won’t believe what it’s offering today
Racks of servers inside a data center.
Modernizing data centers: an efficient path forward
Dr. Peter Zhou, President of Huawei Data Storage Product Line
Why AI commonization is so important for business intelligent transformation and what Huawei’s data storage has to offer
Wix automation
The world's leading website builder aims to save businesses time with new tool
Data Breach
Thousands of healthcare records exposed online, including private patient information
China
Juniper patches security flaws which could have let hackers take over your router
Latest in News
Super Mario Odyssey
ChatGPT is the ultimate gaming tool - here's 4 ways you can use AI to help with your next playthrough
Ray-Ban smart glasses with the Cpperni logo, an LED array, and a MacBook Air with M4 next to ecah other.
ICYMI: the week's 7 biggest tech stories from Twitter's massive outage to iRobot's impressive new Roombas
Brad Pitt looks over his right shoulder with 'F1' written behind him
Apple Original Films will take you behind-the-scenes of a racing cockpit in this new thrilling F1 movie trailer
AI writer
Coding AI tells developer to write it himself
Reacher looking down at another character from the Prime Video TV series Reacher
Reacher season 3 becomes Prime Video’s biggest returning show thanks to Hollywood’s biggest heavyweight
Finger Presses Orange Button Domain Name Registration on Black Keyboard Background. Closeup View
I visited the world’s first registered .com domain – and you won’t believe what it’s offering today