As the 2024 US presidential election comes to a close, and with Donald Trump on the ballot once again, Russian actors are spreading disinformation with unprecedented and alarming intensity—and US officials say that the Kremlin’s efforts to undermine confidence in the election and foment unrest are likely to continue into January.
Russian disinformation operations have had a prominent presence in United States elections since the Kremlin’s sea-changing influence campaign during the 2016 presidential race between Hillary Clinton and Trump. But with so much scrutiny and investigation into that operation’s mechanics and impact—including the use of hack-and-leak tactics against the Democratic National Committee, Clinton campaign, and other targets—Russia was less technically aggressive and more focused on influence operations in the midterms and 2020 presidential election. That momentary respite is now over.
In calls with reporters on Monday night and Tuesday, as well as in public statements, US intelligence and law enforcement officials working on election security warned repeatedly that foreign influence actors including Iran, but “particularly Russia,” are ramping up their activity with an “increasing volume of inauthentic content online.” And while officials say they haven’t detected cyberattacks beyond floods of junk traffic, or DDoS attacks, attempting to knock election-related sites offline, Russian activity has become increasingly menacing.
On Tuesday morning, for example, Georgia secretary of state Brad Raffensperger attributed multiple bomb threats against two Georgia polling places to Russia. The threats were deemed non-credible, but they briefly disrupted voting at the two poll sites. The FBI added later on Tuesday that poll sites in “several states” faced non-credible bomb threats that appeared to “originate from Russian email domains.”
“It is a greater scope and scale of foreign influence operations we have seen in 2024 than in prior cycles, and yes, Russia presents, in terms of our adversaries, the greatest degree of capability and sophistication,” Cait Conley, senior adviser to the director of the Cybersecurity and Infrastructure Security Agency (CISA), told reporters in a call on Tuesday afternoon. “Overall, I think the range of tactics we are seeing being employed, and the level of sophistication, is greater than prior cycles.”
In a joint statement on Monday evening, the Office of the Director of National Intelligence, CISA, and the FBI emphasized that “Russia is the most active threat” to the US election. “Influence actors linked to Russia in particular are manufacturing videos and creating fake articles to undermine the legitimacy of the election, instill fear in voters regarding the election process, and suggest Americans are using violence against each other due to political preferences,” they wrote.
The agencies cited some specific examples of content from Russian influence campaigns. One was a fake interview with someone purporting to be a former aide to Arizona secretary of state Adrian Fontes, claiming a vast election fraud campaign involving the manufacture of fake overseas ballots. Another involved alleged Russian influence actors amplifying an article that falsely claimed US officials in swing states were committing election fraud using a variety of tactics, including ballot stuffing and cyberattacks.
A video claiming to show evidence of fraud in Georgia was also linked to “Russian influence actors” in late September. Last month, experts also credited Russia-aligned propaganda network Storm-1516 with amplifying baseless claims that Minnesota governor and vice presidential candidate Tim Walz previously assaulted one of his former students.
In a press release on Tuesday morning, the FBI also warned about two videos circulating online featuring fake press releases purporting to be from the bureau. Officials did not attribute the videos to a specific actor but said that both are “promoting false narratives surrounding the election.” One claims to be a terrorist warning from the FBI urging Americans to “vote remotely” due to “a high terror threat at polling stations.” The second video also contains a fabricated FBI press release and claims that the management of five prisons in Pennsylvania, Georgia, and Arizona “rigged inmate voting and colluded with a political party.”
US government officials have called out Russian influence operations and other foreign malign activity surrounding elections before, but never with the speed and consistency of this election cycle. The FBI has been putting out multiple alerts a week in recent weeks, and CISA alone is holding four briefings with the press on Tuesday along with an Election Threat Updates landing page to centralize information.
“It’s reassuring to see the attribution process move so quickly,” says John Hultquist, who leads threat intelligence at Google-owned cybersecurity firm Mandiant. “More than anything, the speed suggests a strong familiarity with threat actors who may be struggling to carry out a serious surprise and hide their hand in these operations. It’s important to expose these operations while taking care not to give them a boost. The biggest struggle for these actors is almost always their ability to generate attention.”
As CISA’s Conley told reporters, US foreign adversaries are focused on “undermining American confidence in American democracy and pitting Americans against one another … With all of the noise and disinformation out there, what Americans need to realize is that your state and local election official is the signal through that noise. That is your source for authoritative information on election security—on election administration. So if there are questions, that is who the American people should be turning to for the authoritative answers.”
You can follow all of WIRED’s 2024 presidential election coverage here.
GIPHY App Key not set. Please check settings