As the 2024 United States presidential election is scheduled for November 5, the country is gearing up for what could be a tightly contested race. The political landscape is dominated by familiar figures, with President Joe Biden seeking reelection and former President Donald Trump leading the Republican charge. Polling data reflects a potentially close race, making 2024 U.S. election security a paramount concern for officials nationwide.
As political campaigns intensify, so do efforts to safeguard the integrity of the election process—especially in the face of growing threats to both physical and cyber infrastructure.
The Cybersecurity and Infrastructure Security Agency (CISA) took a proactive step in enhancing election security by releasing two essential checklists: the Physical Security Checklist for Election Offices and the Election Infrastructure Cybersecurity Readiness and Resilience Checklist. These tools are part of CISA’s broader suite of resources aimed at preparing election officials for various challenges that may arise on election day.
2024 U.S. Election: Strengthening the Frontlines of Democracy
The release of these checklists reflects the seriousness with which election officials are approaching the security of the 2024 U.S. General elections. Cait Conley, Senior Advisor at CISA, expressed the agency’s commitment to supporting election offices, stating, “Election officials around the country are unwavering in their commitment to enhance the cyber and physical security of election infrastructure to meet an evolving threat environment.”
With increasing reports of cyber threats, disinformation campaigns, and physical security risks, CISA’s checklists are designed to be a last-minute audit tool for election offices. Their purpose is simple yet crucial: to help election officials review existing practices and enhance their resilience to potential threats.
The CISA checklists address three key areas of vulnerability: phishing attempts, distributed denial of service (DDoS) attacks, and ransomware, each of which poses a significant threat to election infrastructure. For election offices, these lists offer guidance on how to prevent and respond to such incidents, ensuring that election day proceeds smoothly.
Phishing: A Persistent Threat
Phishing attacks remain one of the most common methods by which malicious actors attempt to infiltrate organizations. The checklist provides straightforward recommendations to mitigate this risk, such as enabling Multifactor Authentication (MFA) and Domain-based Message Authentication Reporting and Conformance (DMARC) for all email accounts. These simple steps can help prevent unauthorized access to election networks and protect sensitive information.
However, technical measures alone are insufficient without proper training. The CISA checklist emphasizes the importance of regularly training election staff to recognize phishing attempts. Malicious actors constantly refine their techniques, making it critical for staff to be equipped to identify suspicious emails and report them promptly. In the high-stakes environment of an election, even a single phishing attack could have disastrous consequences.
Protecting Websites from DDoS Attacks
DDoS attacks, which involve overwhelming a website with traffic to render it unusable, are another major concern for election officials. Websites serve as critical communication platforms on election day, providing voters with information on polling locations, results, and other vital updates. If a website is taken down, the flow of information can be disrupted, leading to confusion and uncertainty among voters.
CISA’s checklist advises 2024 U.S. election officials to coordinate with their website service providers and internet service providers to ensure that DDoS mitigation measures are in place. Many service providers offer basic protections at no cost, while more advanced services may come at an additional fee. Officials are encouraged to review contracts in advance and ensure they know who to contact in the event of an attack.
Moreover, the checklist highlights the importance of having alternative information dissemination plans in place. Even with the best defenses, websites may still go down, so election offices must be prepared with contingency plans that keep voters informed through other means.
Defending Against Ransomware
The threat of ransomware, where malicious actors encrypt critical data and demand a ransom for its release, has become a growing concern in recent years. For election offices, a ransomware attack could cripple operations, preventing the timely reporting of results or even jeopardizing the integrity of the election process.
To combat this threat, CISA recommends several measures, including network segmentation and the use of endpoint detection and response (EDR) software. Proper network segmentation ensures that even if one part of the network is compromised, the attack cannot spread to other systems. EDR software, meanwhile, helps monitor network traffic for signs of malicious activity, providing early warnings that can help prevent an attack from escalating.
Election offices are also encouraged to maintain offline, encrypted backups of critical data. These backups should be tested regularly to ensure they can be restored in the event of a ransomware attack. Ransomware actors often target backup systems, so it is essential that these backups are stored in a secure, isolated environment.
Physical Security: The Human Element
While much of the focus on election security revolves around cyber threats, physical security remains just as important. Election offices must be prepared for the possibility of physical breaches or disruptions, whether from protestors, disgruntled individuals, or organized groups seeking to interfere with the election process.
The Physical Security Checklist advises election officials to review and enhance security measures at polling locations and election offices. This includes ensuring that all security systems are functional, personnel are trained to respond to security incidents, and that contingency plans are in place for potential disruptions.
The Road Ahead
As the election date approaches, the threat environment will likely continue to evolve. Cyber actors, both foreign and domestic, are expected to target election infrastructure in an attempt to sow discord and undermine public trust. In light of these challenges, CISA’s resources, including the checklists, are designed to help election officials stay one step ahead.
CISA’s proactive approach provides election officials with the tools they need to protect the integrity of the democratic process. While no security measure is foolproof, these guidelines offer a solid foundation for election offices to build upon as they prepare for November 5.
As CISA’s Conley noted, “These checklists help highlight some of the most common threat vectors, security practices, and resilience measures for consideration.” In the race to protect the 2024 U.S. elections, vigilance, preparation, and adaptability will be key.