The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) assess that any attempts by cyber actors to compromise election infrastructure are unlikely to result in largescale disruptions or prevent voting. As of the date of this report, the FBI and CISA have no reporting to suggest cyber activity has ever prevented a registered voter from casting a ballot, compromised the integrity of any ballots cast, or affected the accuracy of voter registration information. Any attempts tracked by FBI and CISA have remained localized and were blocked or successfully mitigated with minimal or no disruption to election processes. The public should be aware that election officials use a variety of technological, physical, and procedural controls to mitigate the likelihood of malicious cyber activity (e.g., phishing, ransomware, denial of service, or domain spoofing) affecting the confidentiality, integrity, or availability of election infrastructure systems or data that would alter votes or otherwise disrupt or prevent voting. These include failsafe measures, such as provisional ballots and backup pollbooks, and safeguards that protect against voting malfunctions. Given the extensive safeguards in place and distributed nature of election infrastructure, the FBI and CISA continue to assess that attempts to manipulate votes at scale would be difficult to conduct undetected. Election systems that house voter registration information or manage nonvoting election processes continue to be a target of interest for malicious threat actors. Cyber actors may also seek to spread or amplify false or exaggerated claims of cybersecurity compromises to election infrastructure; however, these attempts would not prevent voting or the accurate reporting of results.
Analyst Notes
As for what people can do to protect themselves from potential attempts of election-related fraud, the FBI has issued the following recommendations:
• For information about registering to vote, polling locations, voting by mail, provisional ballot process, and final election results, rely on state and local government election officials.
• Remain alert to election-related schemes which may attempt to impede election administration.
• Be wary of emails or phone calls from unfamiliar email addresses or phone numbers that make suspicious claims about the elections process
• Do not communicate with unsolicited email senders, open attachments from unknown individuals, or provide personal information via email.
• Verify through multiple, reliable sources any reports about compromises of voter information or voting systems.
• Be cautious with websites not affiliated with local or state government that solicit voting information, like voter registration information.
• Report potential crimes—such as cyber targeting of voting systems—to your local FBI Field Office.
• Report cyber-related incidents on election infrastructure to your local election officials and CISA
https://www.bleepingcomputer.com/news/security/fbi-cyberattacks-targeting-election-systems-unlikely-to-affect-results/
https://www.ic3.gov/Media/PDF/Y2022/PSA221004.pdf
