This year, billions of people will go to the polls to choose their next political leaders. The results of elections worldwide – from India to the USA and European countries – can shape the geopolitical situation for the coming years. Cybercriminals love to exploit significant and large-scale events, and elections in various countries around the world are no exception.
Warnings about disinformation, AI-generated deepfakes, and possible interference in the electoral process are already appearing in different countries. However, the targets are not only government institutions and political parties but also the millions of voters who actively read political news and discuss pressing issues online.
ESET specialists have prepared a list of techniques used to spread potential threats during elections, as well as examples of real incidents. Some of these cyberattacks and fraud cases are easy to spot right away, but there are others that are more complex and dangerous.
What common types of threats should be avoided?
1. Spam is the mass distribution of unwanted emails, which can be used for phishing campaigns or for spreading misinformation. In February 2024, ESET researchers described one such campaign in Ukraine, called Operation Texonto. The attackers sent spam emails that tried to demoralize the population, as well as phishing messages, supposedly from IT departments, that demanded users’ credentials.
2. In phishing attacks, criminals impersonate a specific person or a government official to get victims to provide confidential information or send money. For example, on the eve of the 2024 elections, some citizens of India became targets of such a phishing attack. Phishing messages spread on social media and WhatsApp claimed that one of India’s major political parties and the Indian National Congress were offering free mobile recharges so that more people could vote in the elections. Users were redirected to a phishing page designed to steal personal data.
During elections, such cyber threats also spread in the form of fraudulent donation appeals or fake election surveys, for which gifts are promised upon completion, but in reality, the perpetrators have only one goal – to steal the personal or banking information of the victims.
3. Advanced phishing uses social engineering, artificial intelligence, and various evasion techniques. Among the examples is a phishing campaign that uses carefully crafted messages and malicious attachments protected by the AceCryptor malware, designed to hide other threats from detection by cybersecurity tools.
4. “Watering hole” attacks involve compromising websites that potential victims frequently visit, with the possibility of then infecting the devices of the site’s visitors.
In the context of elections, cybercriminals often choose news websites as their targets. For example, in 2021, ESET researchers discovered that the London-based digital news site Middle East Eye had been infected and contained a malicious script.
5. A botnet is a network of computers compromised by malicious software. It can consist of thousands or even millions of devices performing various malicious actions without the users’ knowledge. These activities include distributing spam and launching DDoS attacks, which direct such a large amount of traffic to certain websites that their operation slows down or breaks down completely.
Attackers typically use DDoS attacks to disrupt the operation of government or news websites, especially during elections. One of the recent notable incidents occurred during the G20 summit in India in 2023. At that time, the site faced a DDoS attack with 1.6 million requests per minute.
What are the most common attack vectors used by cybercriminals?
Attackers may attempt to compromise or manipulate electronic voting systems and citizen registration databases. For example, ransomware can make voter data inaccessible, which will significantly impact the conduct of elections. Also, a malfunction in the online voting systems for citizens abroad could prevent registered voters from casting their ballots.
Moreover, attackers often target government and local websites using DDoS attacks, phishing, and ransomware. Thus, hackers can alter the content of publicly accessible websites that, for example, display information about current parties or recent polls.