Security News

With more voters than ever in history heading to the polls in 2024, Resecurity has identified a growing trend of malicious cyber-activity targeting sovereign elections globally. In an era of unprecedented geopolitical volatility, this trend is particularly concerning, as Time Magazine notes that 64 countries are set to hold national elections this year.

Iran's anti-Israel cyber operations are providing a window into the techniques the country may deploy in the run-up to the 2024 US Presidential elections, Microsoft says. An analysis of Iran's activity, published by Microsoft Threat Analysis Center today, concluded that Iran may again target US elections as it did in 2020, using more sophisticated techniques from a wealth of different groups.

In this Help Net Security video, Adam Marrè, CISO at Arctic Wolf, explains how state and local governments must focus on cybersecurity as the 2024 election approaches in the United States. This workload becomes even heavier during election years with extra responsibilities.

Schneier has used the phrase "Security theatre" to describe public actions which do not increase security, but which are designed to make the public think that the organization carrying out the actions is taking security seriously. Security theatre has positive aspects too, provided that it is not used as a substitute for actions that would actually improve security.

2024 is a presidential election year in the US. 2016 and 2020 both saw impressive increases in attempts to influence voters through crafty propaganda and social media campaigns run by bots and expert social engineers, along with attempts to influence the vote through abuse of related technologies. In this Help Net Security video, Ryan Maltzen, Cybersecurity Architect at Fortra, discusses how, in past elections, this was more largely a manual process than we should expect with the rise of generative AI and other tools that seem well-positioned to have impacts in this space.

AI, post-quantum cryptography, zero trust, cryptography research, and election security will shape cybersecurity strategies in the present and for 2024, according to NTT. As the world emerged from the pandemic and continued to adapt to the rapid implementation of digital transformation, businesses witnessed the rise of sophisticated ransomware attacks, state-sponsored cyber espionage and the constant need to secure the ever-expanding IoT. AI's impact on cybersecurity strategies in 2024. AI promises to impact both cybercriminal behavior and cybersecurity strategies in 2024.

For its part, Microsoft announced a five-step election protection strategy it'll roll out in the coming months "In the United States and other countries where critical elections will take place in 2024," Microsoft president Brad Smith and VP technology for fundamental rights Teresa Hutson said in a blog post. Microsoft's first initiative is the Content Credentials service, where Redmond will roll out digital watermarking metadata for images and videos as designed by the Coalition for Content Provenance and Authenticity, of which Microsoft is a member.

The US Capitol's election agency says a ransomware crew might have stolen its entire voter roll, which includes the personal information of all registered voters in the District of Columbia. The DC Board of Elections first became aware of the intrusion on October 5, when a criminal gang called RansomVC claimed to have broken into a server belonging to DataNet Systems, the agency's website hosting provider, and accessed 600,000 items of US voter data including DC voter records.

The District of Columbia Board of Elections says that a threat actor who breached a web server operated by the DataNet Systems hosting provider in early October may have obtained access to the personal information of all registered voters. The entire voter roll that may have been exposed contains a wide range of personally identifiable information, including driver's license numbers, dates of birth, partial social security numbers, and contact information such as phone numbers and email addresses.

If an AI breaks the rules for you, does that count as breaking the rules? This is the essential question being taken up by the Federal Election Commission this month, and public input is needed to curtail the potential for AI to take US campaigns off the rails. Future uses of AI by campaigns go far beyond deepfaked images.