Nation-State Activity During Election Years

As the election year progresses, the increase in nation-state phishing and spear phishing campaigns has emerged as a major threat to cybersecurity. Many election influence campaigns and other surgical attacks are crafted to undermine the political process, steal sensitive information or erode public trust in democratic institutions. Yet the reality is that while there are ongoing election cyber threats, there is no evidence that nation-states have succeeded in undermining the integrity of election outcomes in the United States and other major democracies.

Election cycles are particularly attractive targets for phishing attacks, where scammers pose as trusted sources to trick victims into handing over sensitive information. These campaigns are notorious and are often directed at politicians, political organizations, government agencies, and key influencers involved in the electoral process. Attackers utilize email, social media, and malicious websites to impersonate trusted entities, luring victims into clicking on harmful links or downloading malware.

One of these, spear phishing, is particularly insidious because it relies on highly targeted messages sent to individuals, with an attention to detail that makes the communication seem convincing. In an election year, we might expect these attacks to be directed at, for example, the campaign staff of political candidates or the offices of high-ranking politicians and election officials who might be in possession of important information or who could provide access to the election system to disrupt its normal functioning.

And even though, over the same period, nation-states have ramped up efforts to target the political process through phishing campaigns, independent reviews and investigations have all agreed that, ultimately, the basic infrastructure hosted by elections officials and used by them to count and validate votes remains secure. Yes, phishing attacks can – and have – stolen information or spread falsehoods and disinformation, but the actual counting and tabulating of votes are resilient and closely observed processes. To date, there is no concrete evidence that these cyber activities have been able to influence the outcomes of elections or change vote tallies. There are political operatives that state otherwise but I challenge them to bring forward substantiated proof for all to examine.

This is an important distinction: even if phishing attacks create confusion, breed distrust and disseminate disinformation, election officials – along with election cybersecurity experts – can and do get progressively better at protecting against such threats. Election integrity is preserved, but the constant, loud drumbeat of cyber actors illustrates that maintaining vigilance in keeping the democratic process safe will be a recurring challenge.