A report published today by Tidal Cyber, a provider of a cybersecurity posture management platform, identifies the U.S., United Kingdom, South Korea, India, Belgium, Pakistan, Belarus, Mexico, Georgia and Indonesia as the top 10 countries facing cyberthreats to the integrity of their elections.

Based on an analysis of tactics and techniques from dozens of previous instances of attempts to influence election outcomes since 2008, the report identifies Russia, China, Iran and North Korea as the primary sources of disinformation and espionage intended to disrupt electoral processes.

Countries that have the least ability to thwart these efforts are Pakistan, Indonesia, Venezuela, Uzbekistan, India, Belarus and Ethiopia, the report noted.

Scott Small, director of cyber threat intelligence for Tidal Cyber, said that given the number of elections occurring across the globe this year, efforts to disrupt elections will most likely increase exponentially this year.

The bulk of the efforts being employed to influence the outcome of elections revolve around phishing attacks to steal credentials. The goal is to gain access to applications and cloud services through which misinformation to, for example, reduce voter turnout can be more authoritatively spread, noted Small. In other instances, stolen credentials are being used to threaten election officials, he added.

At the same time, cybercriminals working on behalf of nation-states are looking to gain access to election systems to exfiltrate data and potentially change recorded votes. Others are also starting to create “deepfakes” using artificial intelligence (AI) tools that make it possible to create a video where, for example, president Joe Biden makes a statement when he never actually did so.

Government agencies worldwide are taking action to combat these threats. The Cybersecurity and Infrastructure Security Agency (CISA), for example, provides election security advisors to help better secure regional elections.

Most elections, however, are managed at the state and local levels, where resources are often limited. Election officials need to be trained on how to maintain cybersecurity hygiene, such as implementing multifactor authentication (MFA) to thwart phishing campaigns, noted Small.

Cybersecurity professionals, of course, could aid those efforts by volunteering their expertise. However, the challenge is there are generally strict regulations regarding who is allowed to see election data, which might limit the scope of those volunteer efforts, said Small.

The tactics and techniques being employed by cybercriminals are only going to evolve in the AI era. The most important thing is to have a set of well-defined strategies in place that enable election officials to respond adroitly despite the nature of the threat, regardless of whether it emanates from China, Russia or from within the U.S.

There’s little doubt that election integrity, as in previous years, will be a subject of discussion long after the election is concluded. In the meantime, it’s clear election interference is now a global concern that will most likely require more international collaboration to combat. After all, while politics might be local, the cybercriminals that pose these threats are not going to limit their activities to a single country.