With the next US presidential election less than a year away, and concerns growing in Washington DC that the democratic process will again be a target for cyber interference, a report compiled by Arctic Wolf has found that state and local IT and cyber security teams are dangerously underprepared and under-resourced as the next election cycle approaches.
Conducted alongside the Center for Digital Government, Arctic Wolf questioned over 130 US government leaders, including those with responsibility for IT and security, seeking to understand their attitudes and beliefs on the key cyber issues linked to the election.
“As the United States gears up for the 2024 election, the significance of cyber security for state and local governments cannot be overstated,” the report’s authors wrote. “In an era where digital threats are increasingly sophisticated, robust cyber security measures are essential to protect both the critical election infrastructure and the integrity of elections itself.”
Almost half of respondents said they believed the level of cyber threat facing their organisations would increase during the 2024 election cycle, but at city, county and state level, clear majorities felt they were only somewhat prepared to detect and recover from election-targeted incidents – 41%, 59% and 42% respectively.
At city level, 16% said they felt not at all prepared, and at state level, this figure stood at 14%. No more than 5% of respondents at any level of government in the US felt fully prepared to face a cyber incident.
The survey revealed government security teams are operating with limited staff and stretched thin by the volume of day-to-day responsibilities they already face, which will be compounded in 2024 by the electoral process.
Personnel constraints in particular make it hugely challenging for government security teams to allocate appropriate time and expertise to election security, said Arctic Wolf.
Budget concerns are also weighing heavily on the mind of IT and security teams, with 27% feeling their budgets were somewhat inadequate, 9% feeling their budgets were very inadequate, and 10% having no clear idea either way.
The study also revealed a lack of attention paid to election-specific cyber security training, with only 51% of respondents saying their team had received any such instruction, compared with 24% who had, and 26% who did not know if they had.
“Cyber security training specific to election threats is crucial to implement as it empowers election officials to identify and mitigate risks unique to electoral processes,” said the report’s authors.
“Understanding the intricacies of election infrastructure and potential threats ensures a proactive defence against cyber threats that could compromise voter data or influence election results. Additionally, specialised training enables officials to detect and respond swiftly to emerging threats, further preserving the integrity of the democratic process.”
What threats does the US presidential election face?
Widely predicted to be a “rematch” of the troubled 2020 contest between Donald Trump and Joe Biden, the 2024 election faces a range of potential cyber security threats.
Among the most widely anticipated threats on the ground are a rise in threats driven by generative artificial intelligence (GenAI), which is enhancing the efficacy of some of the most widespread cyber threats faced by elections, disinformation and phishing.
These two issues – which often go hand-in-hand – were seen as the biggest threats by government IT and security pros, with over 50% concerned about disinformation and 47% about phishing attempts on officials and staff. Additionally, 46% were concerned about hacking attempts against electoral processes, websites and systems.
Of lesser immediate concern were issues such as ransomware attacks against election infrastructure, technical glitches and failures, potential manipulation of voter rolls or results, tampering with the electronic voting machines used in the US, and compromises of associated cloud environments.
Previous US elections have shown that interference by hostile nation states has rightly been the main concern, and respondents to the survey expected that both China and Russia would be the most active agents in this regard.
However, for the 2024 cycle, 20% of respondents said they were most concerned about interference emanating from within the US itself, likely reflecting increased political polarisation and, in some cases, radicalisation by extremists. Arctic Wolf said the potential fusion of international and domestic threats underscored the need for all levels of government in the US to put in place comprehensive cyber strategies that include heightened awareness, collaboration and resilience.
“As the 2024 elections draw near, the findings of this survey underscore the need for state and local governments to fortify their cyber security posture,” wrote the report’s authors. “The challenges are multifaceted, demanding strategic investments in personnel, technology and training. A comprehensive cyber security strategy, fuelled by heightened awareness, collaboration and resilience, is paramount to preserving the security of the democratic process in the face of evolving and dynamic cyber threats.”