Beyond the Ballot: Navigating Digital Threats With Election Security

Protecting election security

Elections are more than just a tally of votes. They reflect our vulnerabilities to digital risks, like cyberattacks, disinformation campaigns, and other online threats. And with the added pressures from geopolitical events and global tensions, the spotlight on election security has never been brighter.

The 2020 US presidential election was plagued with concerns across the political spectrum of potential fraud threatening its legitimacy. And as the 2023 US elections approach, election security is top of mind for voters and government and public sector officials looking to safeguard voting processes and preserve democratic systems.

If you’re an organization involved in the electoral process in any capacity, it’s not enough just to be aware of these challenges. This is where threat intelligence steps in.

We’ll cover:

• The overall election security landscape and the vulnerabilities it faces
• Recent examples of election security concerns
• How Flashpoint helps teams counter election security threats

The election security landscape

At its core, election security aims to safeguard every facet of the electoral process, from campaigns to the actual voting mechanism. The landscape is complex. Threats range from cyber operations to physical threats that target infrastructure and officials. Threat actor campaigns also seek to spread covert information through influence operations. This can amount to disinformation as well as physical threats against politicians, or election process personnel.

For instance, electronic voting systems, while efficient, are vulnerable at multiple stages:

• Authentication of voters: Attackers can exploit vulnerabilities in the authentication process. Whether that’s by obtaining personal identifiable information (PII) through phishing, compromising servers with voter registration databases, or tricking biometric systems.
• Collection of information: After casting a vote, the system’s cryptographic encryption can become a target. Methods such as distributed denial-of-service (DDoS) attacks and shell injections can manipulate the voting process.
• Transmission and storage: As votes move from point A to B, man-in-the-middle attacks can intercept this data. Even when safely stored on servers, these databases can be breached or held ransom if protections are inadequate.
• Tabulation: Even at the stage of vote counting, cyber attackers still pose a threat. Votes can be changed, destroyed, or made illegible through malware injections and other means.

The challenge of disinformation

While cyberattacks on the infrastructure are a significant concern, there’s another less tangible but equally dangerous threat: Disinformation. Disinformation campaigns, spread through platforms like social media, sow doubt about the legitimacy of an election. Even if no tampering occurred. These campaigns can also seek to incite physical violence or riots.

“These narratives have the power to
shape political and kinetic decision-making; they are also an effective tool for psychological influence.”

The Role of OSINT
in Russia’s Invasion
of Ukraine

Recent changes in popular social media platforms heighten these concerns. Coupled with the rise of generative AI that can craft deepfakes to spread AI-driven disinformation, we see that malicious actors now have powerful tools at their disposal to manipulate public opinion.

Countering election security threats

Flashpoint offers a suite of capabilities tailored to combat and anticipate the unique challenges elections face, ensuring that the heart of democracy remains uncorrupted.

Election fraud detection

Flashpoint National Security Intelligence (NSI) provides access to a tailored selection of capabilities and services to monitor and be alerted to threats across the cyber and physical realms.

Tools like Flashpoint’s Cyber Threat Intelligence (CTI), and Echosec, and services like Requests For Information (RFIs), enable teams to identify and monitor mentions, keywords, and trends related to elections across various platforms. They offer a shield against malicious attempts to disrupt or manipulate the process. Real-time insight translates to immediate action, ensuring that any fraudulent activities are nipped in the bud, preserving the authenticity of the votes.

Disinformation countermeasures

The battleground has expanded beyond voting booths; it now includes the minds of voters. Echosec and Managed Attribution serve as early warning systems against the storm of both misinformation and deliberate disinformation campaigns. By detecting these indicators promptly, teams can respond swiftly, correcting narratives and ensuring voters are well-informed.

Physical security

Echosec and Intel reports allow teams to monitor real-world threats—be it to election officials or potential public gatherings—so that the safety of everyone involved in the electoral process is prioritized. Physical security intelligence is about more than just threat detection; it’s about guaranteeing that the democratic process remains unhindered and free from intimidation.

Election machine protection

At the intersection of the physical and digital is the voting machine itself. Flashpoint’s VulnDB provides comprehensive coverage of known vulnerabilities—as well as issues not reported to CVE—affecting popular vendors such as Dominion, ES&S, and Hart Intercivic. By ensuring the machines’ integrity, voters can cast their ballots with confidence, knowing that their choices are being recorded securely and accurately.

Empowering election security

Flashpoint is dedicated to empowering national security with much-needed data, intelligence, and insights. The Flashpoint National Security Solutions team provides public sector organizations the full spectrum of resources offered by our NSI capabilities. Sign up for a free trial today.