The 2022 U.S. midterm elections are nearly upon us, and just as in previous election cycles, there are people and foreign governments who have an interest in the outcome. If past election cycles are any indication, there is a strong possibility of propaganda and misinformation spreading across the internet and social media. Accompanying these risks is the potential for cyberattacks that could be detrimental to businesses. Let's go into what we can expect as the 2022 midterms approach.
Domestic threats against election workers intensify
Rumors — virtually all of them unsubstantiated — of voter fraud were pervasive throughout the 2020 election, and misinformation still persists going into the 2022 midterms. The effect has been a wave of physical threats against election workers, causing the Department of Justice to launch a task force in July 2021 meant to protect these individuals from harm. Christopher Wray, director of the FBI, stated that making sure election workers feel safe coming to work is a focus going into the midterms.
However, businesses — especially those with government contracts or any connections to the management of voting and election data — are likely to face the most active threats in the realm of the internet.
For example, there has been a recent surge in phishing scams targeting election workers, notably in two battleground states: Pennsylvania and Arizona. According to research done by cybersecurity firm Trellix, there was a 104% increase in phishing attacks from the second to the third quarter of the year. In addition, there was a 69% increase in scams: Authorities noted nearly 8,000 scams targeting these workers right before the May 17 primaries. Most of these were attempts at gaining passwords and included poisoned links.
A second example is that of the alleged ransomware attack on CommonSpirit Health, which is the second-largest nonprofit hospital chain in the U.S. This occurred about a month before the midterms are scheduled to take place and could threaten the lives of patients. The extent of damage hasn't been explicitly stated, though a statement was published stating that some of its internal systems had to be taken offline, which could include electronic health record and "other systems."
International threats using informational operations strengthen
Voter disinformation efforts in the U.S. stem from both domestic and foreign sources. In the latter category, Russia, China and Iran have the most well-documented reputations for such actions: disinformational operations designed to influence voters' opinion and increase divisiveness.
Technology company Mandiant followed two specific examples of foreign interference, each a product of the Russian Internet Research Agency (IRA). The IRA has a history of using social media and fake news sources for propaganda and influence campaigns to further the interests of Russian businesses and politicians, especially in the 2016 and 2020 U.S. presidential elections. The two profiles in question are known by their handles "Alan Krupka" and "Niels Holst." These fictional people pose as editors for the nonexistent news agency called the Newsroom for American and European Based Citizens (NAEBC). Each has been posting opinions about political topics in the U.S., such as Russia's invasion of Ukraine, energy prices, the economy and the midterm elections that have been circulating through social media.
Meanwhile, a cybercriminal group consisting of thousands of accounts on social media networks, referred to as Dragonbridge, is attempting to promote the interests of the People's Republic of China. They have promoted content related to common themes surrounding the midterms, including economics and social issues. Their targets lately have focused on rare-earth miners in an attempt to stir up protests, which would disrupt the electronics industry and others who require the materials these miners discover.
Last but not least, Iranian misinformation actors maintain a fake news site called EvenPolitics to promote Iran's political interests and spread them throughout social media. This outfit specializes in taking news stories from other sources such as The Guardian and The Week and altering them.
How domestic and international threats tie together
Foreign actors are well aware of the lack of trust some have in U.S. electoral systems because of misinformation, and wish to amplify it. The FBI and Cybersecurity and Infrastructure Security Agency (CISA) have both warned that foreign actors might try to incite violence before the midterm elections. This would involve spreading disinformation about the integrity of American elections with false claims of widespread voter fraud or election fraud across social networks.
Attacks on U.S. elections are not new, though they've recently been ramped up by domestic actors and foreign entities. Those that are responsible for running these elections have been making efforts to recognize and combat all threats. Yet these efforts are ongoing and it's all but impossible to catch every act of online or in-person election malfeasance.