Threatscape of the US Election

Cyber attacks and political elections within the US are frequently heard together in the same sentence following the 2016 presidential election. Media outlets are ramping up their efforts to cover the 2018 midterm elections for the 115th Congress, often including online mediums such as social media. This can create an information overload for voters. Threat actors can exploit this abundance of information to create and disseminate disinformation in an effort to influence the outcome of the elections. Alternatively, they can use news headlines to add a sense of legitimacy to phishing emails. This style of attack is utilized by some of the most sophisticated Advanced Persistent Threat (APT) groups that have been publicly documented.

In addition to disinformation attacks, other targets such as the candidates themselves, voter information databases, and voting machines are also at risk. Politically-motivated threat groups are likely already conducting reconnaissance and attempting to launch attacks against political and election-related organizations and individuals.

The objective of this report is to discuss the current state of election risk and the concerns amongst security researchers regarding the security of the US election infrastructure and the plethora of threats posed to it. Candidates and their associated states and websites will also be examined to ascertain the relative security against malicious activity mentioned above. In addition, various groups who have been known to attack election infrastructure or may have the intent to do so will also be explored.

The full report is available for download here.