Abstract: As the U.S. 2024 elections season is here, focusing on Cybersecurity to prevent international interference should be a top priority for the United States, considering the major interference in the 2020 elections from threat actors from Russia and China. The U.S. election isn’t just an internal affair but an international affair. Key issues of international threat actors in political elections have impacted organisations and countries around the world, specifically in the European Union States, the U.S., and Türkiye. Social media is a key tool in how threat actors are targeting democratic values by gaining power and influence in apps such as TikTok and Instagram, which are commonly utilised by actors such as DRAGON BRIDGE. Nations like the U.S. need to learn from their past mistakes to build a secure voting infrastructure. Putting to thought the adverse effects on a global scale!
Problem statement: How will the upcoming U.S. election prepare for a fair ballot without interference from hackers?
So what?: With the upcoming U.S. election, both major parties are emphasising international policy shifts, with former President Trump advocating for reduced involvement in Ukraine and higher tariffs on foreign nations, especially China. Meanwhile, Kamala Harris supports Israel’s stance in its ongoing conflict with Palestine, reflecting deeper global tensions. Securing America’s voting infrastructure has become critical, especially after the cyber vulnerabilities exposed in the 2020 U.S. election and the recent cyberattacks in the 2024 EU elections. These events underscore the importance of strengthening cybersecurity to prevent malicious interference. A united effort from governments, tech companies, and citizens will be essential to protect the democratic process.
Source: shutterstock.com/Pixels Hunter
Targeting of the U.S. Presidential Election
A threat actor verified as DRAGON BRIDGE originating from China has made a strategic move to disrupt the 2024 U.S. election, which holds significant implications for the future of U.S. international relations, particularly concerning China, Russia, and other geopolitical players. The involvement of this Chinese-linked group raises serious concerns about foreign influence on the democratic process. According to Mandiant, ongoing cyberattacks have confirmed DRAGON BRIDGE’s persistent targeting of the upcoming U.S. presidential election and American voters. Since November 2023, the group has gained a substantial following across multiple social media platforms namely Instagram. Key systems under threat include election infrastructure such as voting machines, voter registration databases, and election management systems, along with communication channels like social media and news websites that are frequently exploited for misinformation.[1] Cybersecurity systems, including firewalls and intrusion detection systems, play a critical role in defending against unauthorised access and cyberattacks. DRAGON BRIDGE employs various tactics, such as social engineering through phishing and impersonation, technical manipulation via malware and DNS spoofing, and narrative engineering that utilises content creation and targeted advertising to disseminate false narratives.[2]
Cybersecurity systems, including firewalls and intrusion detection systems, play a critical role in defending against unauthorised access and cyberattacks.
With the rise of another cyber threat, the stakes for the 2024 election, particularly in terms of international policy, are extraordinarily high, as highlighted in the U.S. presidential debates. The uncertainty surrounding the election outcome amplifies the need to secure election-related systems and protect voter integrity. Foreign actors like DRAGON BRIDGE view this moment as an opportunity to undermine U.S. democratic processes for strategic gain, potentially reshaping international relations with various countries. The attacks from DRAGON BRIDGE have targeted private systems impacting U.S. citizens and social media. For instance, in September 2022, a DRAGON BRIDGE account posted a video intended to discourage Americans from voting and question U.S. government institutions’ merits, featuring images from the January 6 assault on the U.S. Capitol to sow doubt and influence public sentiment. There was no particular effect on the voting; however, in response, the U.S. government has implemented a comprehensive array of cybersecurity measures to combat such threats, including regular system updates, network segmentation, and stringent access controls designed to prevent unauthorised movement within critical systems.[3]
The international impact of U.S. Democracy
The outcome of the 2024 U.S. elections carries substantial international implications, with each administration’s stance on foreign policy setting the tone for global relations. This influence was particularly evident when former President Donald Trump took office in 2016, sparking a tense economic rivalry with Chinese President Xi Jinping. Under Trump, the U.S. imposed tariffs on Chinese imports, including steel, aluminium, washing machines, and solar panels. The measures affected over $380 billion in trade and resulted in an estimated $80 billion tax increase for U.S. consumers—one of the largest tax hikes in recent history. However, President Biden left many tariffs in place when he came into office, leaving little to no change in the tariff policy. In October 2019, the United States won a nearly 15-year-long world trade Organization dispute against the European Union. The WTO ruling authorised the United States to impose tariffs of up to 100 per cent on $7.5 billion worth of EU goods. In May 2024, the Biden administration expanded on this approach, adding tariffs on an additional $18 billion worth of Chinese goods, which introduced another $3.6 billion in consumer taxes. These actions underscore the economic stakes tied to U.S. election outcomes, as changes in leadership can shift policies with far-reaching global impacts.[4] Such tariffs could place further economic strain on major trading partners, including China, the UK, Japan, and the European Union, intensifying economic tensions worldwide.
The outcome of the 2024 U.S. elections carries substantial international implications, with each administration’s stance on foreign policy setting the tone for global relations.
On the Democratic side of it, Vice President Kamala Harris has expressed support for Israel’s defensive actions amid escalating hostilities with Palestine, a conflict that has now drawn Lebanon and Iran into the fray. Her position, if upheld by a Democratic administration, may influence the U.S.’s relationships with other Middle Eastern nations, with broader implications for regional stability and diplomacy. Should the U.S. abruptly shift away from supporting Israel, there could be serious repercussions: Israel, a close intelligence-sharing ally, might respond by releasing sensitive information, potentially leading to an “information war” with significant consequences for both U.S. interests and those of its allies.
The potential for these policy shifts underscores the global significance of U.S. elections, as America’s foreign policy strategies directly impact international diplomacy, economic alliances, and military support. In addition to these foreign policy and economic stakes, the 2024 election season has underscored the importance of securing U.S. voting infrastructure. The 2020 presidential election highlighted vulnerabilities to cyber interference, as hackers and foreign actors targeted electoral systems. Strengthening cybersecurity defences is thus essential to safeguarding the democratic process. Addressing these challenges requires coordinated efforts among governments, technology companies, and citizens, emphasising the vital role of secure elections in maintaining both domestic stability and international credibility. The upcoming election’s outcome will resonate beyond American borders, influencing how the U.S. navigates relationships with major powers and tackles critical issues in trade, security, and diplomacy.
The illustration above shows the total tariffs collected while in office under President Biden and under former President Trump; Source: Trade Statistics.
Intellectual Property and How Social Media Apps Take Advantage
Social media is proving to be one of the best innovations of our time, enabling global communication, collaboration, and access to information. Paired with artificial intelligence (AI), social media platforms now offer an even more engaging and personalised experience for users worldwide. However, the rapid advancement of AI in social media has sparked concerns in the U.S. about job displacement, overshadowing some of the technology’s initial promise to inform and connect people. Despite these concerns, AI’s role in social media is crucial in reaching and educating younger audiences on current events and political movements, making it a powerful tool in today’s political landscape. As election season approaches, candidates increasingly leverage AI-enhanced social media platforms to communicate their messages, in addition to traditional methods like public speeches, rallies, and news appearances. This evolution highlights the shifting landscape of political engagement, where AI-driven social media is playing an ever-growing role in shaping public opinion and encouraging civic participation.
In the UK, more than 8 million young people have reached voting age in 2024. To connect with this tech-savvy demographic, candidates like Rishi Sunak (with 2.3 million followers on X), Keir Starmer (1.4 million followers on X), and Abi McGuire, prominent on TikTok, are turning to platforms like TikTok, Instagram, X (formerly Twitter), and Meta. By adapting their campaigning strategies to these modern platforms, they can better engage younger voters and stay relevant in an evolving political landscape.[5], [6]
However, the rise of social media has also led to an alarming increase in election interference. For instance, WIO News reports that approximately 700,000 TikTok accounts in Türkiye were compromised by an unidentified hacker just before the 2023 presidential elections. This incident marks the largest known breach of TikTok accounts acknowledged by the company. Notably, the Erdoğan administration exploited this situation to its advantage, employing tactics such as deepfakes and censorship to sway voters favouring President Recep Tayyip Erdoğan.[7] TikTok’s acting security chief, Kim Albarella, learned of the hack shortly before Erdoğan’s narrow re-election victory. The breach not only compromised individual privacy but also cast a shadow over the integrity of the electoral process, highlighting the critical intersection of technology and democracy.[8] This incident should not only be troubling for Türkiye but also for the global community, as it highlights vulnerabilities in digital infrastructure and the potential for electoral interference. This specific incident, involving a security vulnerability in TikTok, was brought to the attention of the UK’s National Cyber Security Centre (NCSC) in 2022. In April of that year, the NCSC, which is part of the UK intelligence agency GCHQ, notified TikTok’s head of security, Roland Cloutier, about the vulnerability. Despite this early warning, TikTok reportedly failed to address the issue, allowing the vulnerability to persist until the breach occurred in 2023. The hackers’ primary objective was exploiting a technique called grey routing, which involves sending bulk SMS messages that manipulate weaknesses in phone networks for the use of SIM farming.[9] Given the widespread use of apps like TikTok, it is critical for governments to establish stricter regulations and guidelines to safeguard users. Countries such as the UK and Turkey, where TikTok is considered a foreign platform, must ensure that app developers are held accountable for securing their systems against potential cyberattacks. Data breaches around elections can lead to misinformation, voter manipulation, and other ways of interference that undermine the democratic process.[10] The failure to address a breach of this magnitude highlights vulnerabilities in social media platforms and the need for stronger security measures. It also highlights the potential for similar attacks to occur in other countries, affecting the security of social media users worldwide.
The rise of social media has also led to an alarming increase in election interference.
The Real Damage to Our Democracy
In the June 2024 European Union election, the Union’s 27 member states set the priorities and political direction of the bloc for the next five years. Given the stakes of such an influential election, the risk of cyber-attacks aimed at interference was high. According to CNN, waves of cyberattacks targeted key institutions and individuals in the days leading up to the election. Major targets included politicians and parliaments, with incidents ranging from hacks of individual lawmakers’ phones to massive data breaches affecting thousands of personnel.
In the months preceding the election, there were notable instances of non-EU states attempting to disrupt the electoral process through cyberattacks. For example, on February 21, 2024, the European Parliament reported that Israeli spyware, Pegasus, was discovered on the devices of two EU members. The spyware’s purpose appeared to be related to gathering sensitive information connected to the EU elections. As one lawmaker, Yocheved, pointed out, this type of attack was “nothing new”.[11] Shortly afterwards, on March 3, German authorities began investigating a Russian-sourced leak of a 38-minute Top Secret audio recording in which four top military officers discussed their support for Ukraine, including the potential use of Taurus missiles against Russia. The investigation also linked a string of scandals in Spain, Greece, Hungary, and Poland to the abuse of similar hacking tools for political purposes.[12], [13]
These cyberattack incidents demonstrate that election officials and lawmakers are prime targets for malicious actors. For instance, in the German incident, the objective of the Russian hackers may have been to undermine support for Ukraine ahead of the elections. While these attacks may not always have explicit goals, they reflect a concerning trend in which sensitive information about political campaigns and voter preferences becomes a prime target. By compromising lawmakers and election officials, attackers can gain access to information that may later be used for manipulation, blackmail, or swaying public opinion. Ultimately affecting the integrity of the electoral process. Even without directly altering votes, such cyber intrusions can destabilise democratic institutions and shift political outcomes, making election officials and lawmakers indirect but essential targets for those looking to influence elections.
Cyberattack incidents demonstrate that election officials and lawmakers are prime targets for malicious actors.
What Can the U.S. Do About It?
The U.S. Election Assistance Commission (EAC) has implemented systems to ensure the security and integrity of voting equipment and software through a detailed certification process. The EAC partners with accredited labs to rigorously test and certify voting machines and software under numerous scenarios. This ensures that regardless of the version of the voting systems, they meet a high standard of reliability and security before earning the EAC’s official seal of approval. These tests include performance and stress testing of both hardware and software, ensuring they meet operational standards and are safe for use by election personnel.
However, with new cyber-influence threats like DRAGON BRIDGE, it’s crucial to go beyond equipment testing and secure the election infrastructure against influence operations. DRAGON BRIDGE, suspected to be linked to foreign state actors, uses social media and other platforms to spread disinformation and influence voter sentiment. To combat this, a thorough investigation into their influence tactics, narratives, and targets is needed, alongside an assessment of potential vulnerabilities in voter registration databases and voting machine networks to detect and block any cyber intrusions.
Historically, implementing comprehensive election security measures has faced hurdles, partly because cybersecurity threats evolve rapidly, sometimes outpacing defence measures. Financial constraints have also delayed protective enhancements.[14] The 2020 U.S. election amounted to an unprecedented $14 billion in expenditures collectively, according to BBC News; it was also said that the majority of the funding went directly toward campaign activities rather than to critical infrastructure updates, including the much-needed modernisation of voting machines and election security systems. This investment disparity focuses on influencing voter decisions rather than protecting the voting infrastructure itself.[15] Campaigns prioritised funding for advertising, outreach, and political messaging, often supported by wealthy donors, citizen contributions, and external organisations, which left relatively limited resources for election system upgrades. This funding allocation suggests that securing votes for candidates received more attention than securing the voting process for the American public.
Campaigns prioritised funding for advertising, outreach, and political messaging, often supported by wealthy donors, citizen contributions, and external organisations.
Election security experts have raised concerns that outdated voting systems can be vulnerable to both technological failures and potential cyberattacks. Modernising these systems is critical not only for ensuring accurate vote counts but also for building public trust in election integrity. While campaign funding can have an immediate impact on voter turnout and candidate support, investing in secure, resilient election systems is essential to protect the democratic process itself. To address these challenges, Geoff Hale, Head of the U.S. Election Security Resistance Team, has advocated for stronger protections. Key strategies include:
- Access Management: Restricting physical and network access to critical systems to prevent unauthorised intrusion.
- Identity Verification: Using verified credentials and secure communication channels (e.g., .gov emails) to reduce impersonation risks.
- Vulnerability Testing: Conducting regular risk assessments, penetration testing, and utilising EIIC guidelines to identify and mitigate potential vulnerabilities.
Looking forward, implementing measures such as port blockers for managed access and real-time monitoring systems will likely play an essential role in protecting election infrastructure from both direct cyberattacks and influence operations.[16], [17]
While proposed election security measures from the U.S. Election Assistance Commission (EAC) offer valuable protection, their effectiveness relies heavily on consistent execution by users and election officials. As noted in the Mandiant Q2 2024 Briefing on U.S. Election security, recent recommendations reflect lessons learned from past security failures, including pro-Russia hacktivist attacks targeting the EU and cyber vulnerabilities exposed during the 2022 U.S. midterm elections. In both cases, underfunded systems and overwhelmed electronic poll books highlighted vulnerabilities that could have been mitigated with more robust security resources and proactive strategies. Past issues with election infrastructure underscore the importance of stable funding and a proactive security approach. When electronic poll books, for instance, experience connectivity or capacity failures, they can disrupt the voting process, erode voter confidence, and even potentially disenfranchise voters. By consistently implementing and funding comprehensive security solutions, the EAC and other election security bodies could better safeguard against such operational failures and provide a more secure voting environment. These measures, while beneficial, are not foolproof. The success of security protocols depends largely on election worker’s adherence to best practices, including regular system updates, secure configurations, and real-time monitoring for any breaches. Given the stakes, a proactive approach that prioritises funding for security infrastructure is essential to ensure the voting process remains secure and resilient against increasingly sophisticated cyber threats.
Disrupting Democracy
Various collaborative initiatives are already in place to address the pressing issue of election security. Governments, tech companies, and citizens are actively working together to share information and strengthen defences against cyber threats. For instance, the United Kingdom’s National Cyber Security Center (NCSC) operates the Cyber Security Information Sharing Partnership (CISP), which facilitates communication between public and private sectors to exchange critical threat intelligence. In the United States, the Cybersecurity and Infrastructure Security Agency (CISA) focuses on protecting critical infrastructure, including election systems, by providing guidelines and support to state and local officials. Additionally, the European Union offers platforms where both public and private entities can share decryption tools and strategies to recover from ransomware attacks, enhancing collective resilience against cyber incidents.[18] Although significant upgrades in election security have been made, ongoing planning, funding, and vigilance remain crucial.
Although significant upgrades in election security have been made, ongoing planning, funding, and vigilance remain crucial.
While these efforts are commendable, there are opportunities for further improvement. One key proposal is to establish a centralised threat intelligence platform that integrates insights from the U.S., UK, and EU, providing real-time updates on emerging threats specific to election security. Expanding cross-border collaborations can enhance the sharing of best practices and response strategies among nations. Furthermore, allocating dedicated funding for proactive security measures, such as upgrading voting technology and training election personnel, is essential. Regular independent vulnerability assessments can also help identify and address weaknesses in election systems before they can be exploited. Implementing these strategies would strengthen the collective ability to protect elections from evolving cyber threats and enhance public confidence in the electoral process.
Joshua Paul-Mendoza is a Homeland Security Major with a Focus in Cyber Security & Social Work at Roberts Wesleyan University in the U.S. He has previously volunteered as a firefighter and participated in AFJROTC. Driven by a desire to combat human trafficking and fight against corrupt politics, Joshua aims to contribute to creating a more just and equitable world. He is currently interning with the Defense Horizon Journal to further his professional journey. The views contained in this article are the author’s alone.
[1] Jason Atwell, “Mandiant: Q2 2024 Briefing U.S. Election Assistance Commission (EAC),” U.S. Election Assistance Commission, 2024, https://www.eac.gov/sites/default/files/2024-10/Q2_2024_EAC_Intelligence_Briefing.pdf.
[2] Mandiant Intelligence, “Pro-PRC DRAGONBRIDGE Influence Campaign Leverages New TTPs to Aggressively Target U.S. Interests, Including Midterm Elections,” Google cloud, October 26, 2022, https://cloud.google.com/blog/topics/threat-intelligence/prc-dragonbridge-influence-elections.
[3] Nicole Sganga, “China-linked influence campaign targeting U.S. midterms, security firm says,” CBS News, October 26, 2022, https://www.cbsnews.com/news/dragonbridge-china-us-midterm-elections-influence-campaign-mandiant/.
[4] Erica York, “Tarriff Tracker: Tracking the Economic Impact of the Trump Biden Tariffs,” Tax Foundation, June 26, 2024, https://taxfoundation.org/research/all/federal/trump-tariffs-biden-tariffs/.
[5] Statista Research Department, “Number of followers on Twitter for major political party leaders in the United Kingdom as of February 2024,” Statista, February 14, 2024, https://www.statista.com/statistics/1078297/most-followed-uk-political-leaders-on-twitter/.
[6] Alberto Medina, Sara Suzuki, “41 Million Members of Gen Z Will Be Eligible to Vote in 2024,” Circle, October 18, 2023, https://circle.tufts.edu/latest-research/41-million-members-gen-z-will-be-eligible-vote-2024.
[7] Digital Desk, “In Turkey, 700,000 TikTok accounts were compromised by a hack ahead of elections: Report,” Republic world, July 19, 2023, https://www.republicworld.com/world-news/in-turkey-700000-tiktok-accounts-were-compromised-by-a-hack-ahead-of-elections-report-articleshow.
[8] Abhinav Singh, “Turkey: 700,000 accounts were hacked ahead of presidential elections, according to says report,” WION, July 19, 2023, https://www.wionews.com/world/over-700000-tiktok-turkish-accounts-were-hacked-ahead-of-presidential-elections-report-617276/amp.
[9] Idem.
[10] Luke McGee, “European Parliament elections: What’s at stake in the world’s biggest multi-country vote,” CNN News, June 6, 2024, https://amp.cnn.com/cnn/2024/06/06/europe/european-parliament-elections-2024-explained-intl.
[11] Seb Starcevic, “Timeline: Europe Under Cyber siege in 2024,” Politico, May 09, 2024, https://www.politico.eu/article/europe-cyberattacks-russia-china-uk-ministry-of-defence-hacks.
[12] Antoaneta Roussi, “Brussels spyware crisis expands: Two MEPs hit in phone-hacking security breach,” Politico, February 22, 2024, https://www.politico.eu/article/nathalie-loiseau-elena-yoncheva-pegasus-spyware-european-parliament-security-defense-subcommittee/.
[13] Seb Starcevic, Timeline: Europe Under Cyber Siege in 2024,
https://www.politico.eu/article/europe-cyberattacks-russia-china-uk-ministry-of-defence-hacks.
[14] USEAC, “Election Security Preparedness,” United States Election Assistance Commission,” September 09, 2024, https://www.eac.gov/election-officials/election-security-preparedness.
[15] USEAC, “Election Security,” United States Election Assistance Commission, October 10, 2024, https://www.eac.gov/voters/election-security.
[16] J. Atwell, Mandiant: Q2 2024 Briefing- U.S. Election Assistance Commission (EAC), https://www.eac.gov/sites/default/files/2024-10/Q2_2024_EAC_Intelligence_Briefing.pdf.
[17] EAC, “Cybersecurity: Artificial Intelligence,” 60-Second Security Series, April 2024, https://www.eac.gov/sites/default/files/2024-04/Security_AI_508.pdf.
[18] Europol, “No More Ransom- do you need help unlocking your digital life?,” December 06, 2021, https://www.europol.europa.eu/operations-services-and-innovation/public-awareness-and-prevention-guides/no-more-ransom-do-you-need-help-unlocking-your-digital-life.
