Attached is a White Paper, 2024 Election Threat Landscape – TLP:CLEAR, authored by the Multi-State Information Sharing & Analysis Center (MS-ISAC), the Elections Infrastructure Information Sharing & Analysis Center (EI-ISAC), the Electricity Information & Analysis Center (E-ISAC), the Faith-Based Information Sharing & Analysis Organization (FB-ISAO), and the Water Information Sharing & Analysis Center (WaterISAC).

This paper discusses threats from the cyber, physical, and hybrid perspectives and includes recommendations for election offices and associated parties to implement to improve their preparedness.

• A wide array of cyber threat actors (CTAs) are likely to target election offices, election officials, and voters using opportunistic and targeted campaigns as well as leverage emerging technologies, such as generative artificial intelligence (Generative AI), and developments in more common tactics like phishing.
  • Observed malicious campaigns included election-specific lures and the use of stolen election correspondence to increase the likelihood of success.
  • Ransomware attacks pose a threat to election offices, even if they are not the direct target of the attack.
• CTAs will increasingly aim to sell election-related information online leading up to the 2024 U.S. general election, taking advantage of the increased interest surrounding the election.
• Politically motivated hacktivists are highly likely to increase elections-focused targeting throughout the 2024 election cycle due to the hacktivism resurgence brought on by the Israel-Hamas and Russia-Ukraine wars.
• Election officials and poll workers are likely to be targeted with physical threats online and in-person. False narratives regarding elections infrastructure will likely influence and direct threat actors (TAs) to target the U.S. electoral system and companies facilitating elections. Supporters of these narratives may become motivated to take physical action.

2024 Election Threat Landscape – TLP CLEAR