2024 US Presidential Election Cyber Intrusion: Part 2 - Hostile Nation State Actors

Uploaded on 2024-10-09 in INTELLIGENCE-Hot Spots-Russia, INTELLIGENCE-Hot Spots-Iran, INTELLIGENCE-Hot Spots-China, INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW

Part 2 of a series that will analyze critical cyber security aspects during the countdown  to the 2024 US Presidential Election, beginning with Nation State Threat Actors, then Covert Influence Operations, Cybercrime and Hactivism.

Nation-state cyber actors pose a serious foreign influence threat to the upcoming 2024 US Presidential Election, with likely objectives to propagate material that criticises election candidates and government officials, amplifying US societal divisions, and sowing discord amongst US citizens.

With the 2024 US Presidential Election taking place in the midst of the ever-evolving AI ecosystem, nation-states will likely leverage this technology to influence voting behaviour in favour of state interests. Priority cyber targeting throughout the election period may involve the government sector, election-related networks, national and local political parties, and the personal devices of election officials.

Russia 

The Russian Federation is the primary influence threat to the US Presidential Election, with Moscow leveraging a broad array of influence actors to enhance the potency and reach of these efforts and create content that resonates with US audiences, all whilst influencing congressional electoral outcomes, undermining public confidence in the electoral process, and exacerbating sociopolitical divisions.

In recent years, the US political arena has been under direct attack by the Newsroom for American and European Based Citizens (NAEBC), who have consistently attempted to influence diverse demographics on issues related to US politics and elections. Following an FBI probe, US prosecutors indicated that NAEBC played a critical role in Russian efforts to sway the 2016 US election in favour of former President Donald Trump . Based on the current Republican Party’s intentions of reducing support for Ukraine, it is unlikely that the 2024 election proceedings will be spared from this spree of Russian influence activity. 

The Russian disinformation campaign, known as Doppelgänger, should be highlighted as a threat as the influence network already attempted to influence the voting outcome on November 5th. Actors behind the campaign have leveraged AI-generated content, as well as creating 32 fake domains impersonating the Washington Post, to spread disinformation in favour of Russian interests. The campaign likely carries the objective of swaying the US election in favour of the former President Donald Trump, based on the Republican Party’s intentions of reducing financial and defence support for Ukraine, shifting focus to US domestic issues. Although the US Justice Department of Justice indicted two Russian nationals for their involvement, and sanctioned others tied to the campaign, follow-up influence efforts will likely emerge to exert social manipulation whilst eroding public trust in the US media.

Iran

Iranian influence assets also pose a significant threat to the upcoming election with the regime having a multitude of influence networks and propaganda mills at its disposal to disseminate disinformation to shape the information space. Iranian efforts to influence the outcome of the election will likely be shaped by the US-Israeli alliance that is currently acting as a buffer in preventing Tehran from escalating warfare efforts in the Middle East, supporting its Axis of Resistance proxy Hamas in Gaza. 

We have already witnessed this on the lead up to November 5th with OpenAI recently dismantling multiple ChatGPT accounts used by an Iranian influence network, tracked as Storm-2035, as part of an influence operation with what we have assessed to likely carry the objective of generating news articles and social media posts to sow discord amongst US voters and incite violence against US government officials.

China
Chinese influence actors will also likely enter the frame, with the DRAGONBRIDGE network likely to promote narratives regarding US politics, as well as Washington’s domestic and foreign affairs issues. Another pro-China influence campaign to be aware of is HaiEnergy, that regularly releases content critical of US foreign affairs and politicians, whilst praising the policies of the PRC. Chinese influence actors will also likely resort to social media to amplify disinformation content by posting partisan to boost follower counts and generate engagement from platform users. 

TO BE CONTINUED

Craig Watt is a Threat Intelligence Consultant at Quorum Cyber specializing in strategic and geopolitical intelligence.

Image: gguy44

You Might Also Read: 

How AI Will Help Disrupt Elections Around The Globe:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« A Critical Flaw Exposing Google Cloud Servers
A Landmark Ransom Attack On Healthcare »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Radisys

Radisys

Radisys offers software, products, integrated systems, and professional services for communication service providers and telecom solution vendors.

TestingXperts

TestingXperts

TestingXperts is a specialist software QA and testing company.

European Cybercrime Training and Education Group (ECTEG)

European Cybercrime Training and Education Group (ECTEG)

The primary aim of ECTEG is to enhance the coordination of cybercrime training, by identifying opportunities to build the capacity of countries to combat cybercrime

CSIRT Panama

CSIRT Panama

CSIRT Panama is the national Computer Incident Response Team for Panama.

GOVCERT.lu

GOVCERT.lu

GOVCERT.lu is responsible for the treatment of all computer related incidents jeopardising the information systems of the government and defined critical infrastructure operators in Luxembourg.

Synectics Solutions

Synectics Solutions

Synectics deliver solutions for reducing risk, combating financial crime, and enabling organisations to meet their compliance and regulatory commitments.

ThirdWatch

ThirdWatch

ThirdWatch is a Data Science company with real-time automated fraud prevention solutions.

Eclypsium

Eclypsium

Eclypsium protects organizations from the foundation of their computing infrastructure upward, controlling the risk and stopping threats inside firmware of laptops, servers, and networks.

Global Accelerator Network (GAN)

Global Accelerator Network (GAN)

Global Accelerator Network are a highly curated community of independent Accelerators, Partners and Investors.

Expel

Expel

Expel provide transparent managed security services, 24x7 detection, response and resilience.

PurpleSynapz

PurpleSynapz

PurpleSynapz provides hyper-realistic Cyber Security Training with a modern curriculum and Cyber Range.

QuSecure

QuSecure

QuSecure provides a software-driven security architecture that overlays your current infrastructure and provides next-generation security to protect your entire network from quantum threats.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

NetBlocks

NetBlocks

NetBlocks is a global internet monitor working at the intersection of digital rights, cyber-security and internet governance.

Accenture

Accenture

Accenture is a leading global professional services company providing a range of strategy, consulting, digital, technology & operations services and solutions including cybersecurity.

AirMDR

AirMDR

Designed by experts, AirMDR solutions cater to the unique demands of security operations centers.