Election cybersecurity: Why businesses are at risk, too

Most cybersecurity stories about the 2024 U.S. election focus on threats to government entities that stage elections. But there’s another threat that’s broader and arguably just as dangerous: Businesses and voters are also very much at risk.

Why? The simplest explanation is that elections don’t tend to bring out the best in many voters, and cybercriminals know it. With an election as tight as the 2024 presidential contest promises to be, emotions are sure to run high. Cybercriminals are sure to pounce by launching phishing emails, fake donation drives and other scams.

Users in your business or your clients’ businesses are less likely to be cautious with their online behavior and more likely to click on emails or links they might otherwise have avoided. Cyberattackers will target businesses directly, too.

Cyberattackers know that elections make easy marks out of otherwise responsible end users. As the National Cybersecurity Alliance notes, phishing attacks tend to ramp up during election seasons. Fake election-related websites abound, some of them tied to phony voter-registration drives or, more dangerously, to fraudulent fundraising sites.

For instance, as Dark Reading reports, BrandShield found hundreds of imposter social media accounts and more than 10,000 suspicious websites that claimed some sort of political affiliation. That was just between January 2023 and March 2024, before election season went into full swing.

The targets of those attack attempts, for the most part, aren’t states, counties or municipalities that administer elections. They’re everyday internet and social media users like the ones who work for businesses of all sizes and for MSP clients. The jump from a personal device or Wi-Fi network or device to a business network is an easy one for malware to make, particularly with remote work so widespread.

Individuals aren’t the only entities at risk. In 2024, quite possibly the biggest election year in the history of the world in terms of participation, businesses aren’t just secondary targets. Everstream Analytics found that cyberattacks on the global manufacturing supply chain were especially prevalent in 2023 and early 2024.

Elections played a major role. In Taiwan, Everstream reported, the number of attempted cyberattacks on infrastructure targets jumped from around 1,700 to more than 4,300 the day before the country’s national election on January 13. Taiwanese infrastructure targets suffered at least another 1,000 incidents the next day as well.

Of course, Taiwan and the U.S. are in radically different political situations. But the desire of cybercriminals to steal money and disrupt critical services is pretty much the same the world over.

Take a look at social media of almost any flavor and you’ll find many discussions of the 2024 elections, and emotions are running high. This leaves users particularly susceptible to falling for scams and cyberattacks. Malicious websites abound, many of them promising election news, polls or opinions, but only delivering malware. Fake fundraisers arrive via text and email, promising to fund a candidate when, in fact, the money is going straight into a cyberattacker’s account — and the user’s information can then end up as ransom bait or sold on the dark web.

There’s even malvertising, or links to malicious websites hidden within ads. It’s easy enough to accidentally click on an ad during normal scrolling or surfing. During election season, it’s even more likely, as many ads look like news updates or links to legitimate election-related sites. There’s even a form of malvertising that can install malware on a computer without the user clicking anything at all. Just being on the same page as the ad is enough.

Security awareness training is necessary and important, but election season is a time when a lot your employees or clients are likely to forget or ignore the lessons they’ve learned. Combine that with cybercriminals ramping up their attacks, and the period from September through early November is likely to be a risky one for cybersecurity.

What can businesses and MSPs do to safely survive election season?

Create a realistic but security-focused policy stating what users are allowed to do on the internet and social media. That might mean banning the use of social media on company-provided equipment or on your office network (or both). It might mean blocking access to certain types of websites. Essentially, employees need to know that they should engage in online political activity on their own time, devices and networks.  

Unpatched applications are especially vulnerable during an election. Leaving any sort of security hole in your infrastructure is even more dangerous than usual. Browsers are a sensitive vector in particular. Push updates through as quickly as possible. Yes, sometimes they backfire; CrowdStrike is still fresh in many IT minds. But the overwhelming majority of updates are not only safe but necessary.

If you’re struggling to juggle and integrate multiple disparate security applications, you’re leaving yourself vulnerable at just about the worst possible time. Your security infrastructure needs to be natively integrated and easy to deploy, manage and update. If everything works together natively, it’ll perform better and require less intervention.

There has never been a more critical time to make sure your email application is complete secure. You need to be able to analyze and stop phishing and other data-theft attempts before they can do any damage. You also need extended detection and response (XDR) so that you’ll know if your system is compromised and be able to thwart an attack before you lose data or fall victim to ransomware.

The frenzy of the 2024 election will eventually fade, but cybercriminals will always find opportunities to exploit both human and cybersecurity weaknesses. In the meantime, don’t wait until November: Vote now for secure data this election season.