Cyber threats to elections

Cyber threat activity targeting democratic processes is on the rise worldwide. Leading up to and during an election, cyber threat actors may launch cyber attacks to:

  • disrupt election infrastructure
  • steal sensitive information
  • infect democratic institutions with malware

Cyber threat actors targeting elections also engage in online influence campaigns to:

  • influence voters
  • spread disinformation about the election
  • potentially discredit the voting process

Any of these actions can undermine public confidence in the election results.

On this page

Reports on cyber threats to Canada’s democratic process

The Cyber Centre’s reports on cyber threats to Canada’s democratic process aim to inform Canadians about the global trends in cyber threat activity targeting national elections and their potential impacts on Canada.

How threat actors target elections

Threat actors can use a variety of tools online to:

  • disrupt election infrastructure using distributed denial-of-service (DDoS) attacks
  • compromise or mimic user identities to spread disinformation on social media or perpetuate voter fraud
  • exploit remote work environments to compromise systems and gain unauthorized access to election management or political party systems
  • launch online foreign influence campaigns to discredit the democratic process
  • use ransomware-based attacks to disrupt access to election data and systems leading to interruption of election services
  • generate synthetic content using artificial intelligence to covertly manipulate information online and influence voter opinions and behaviours

How to protect your systems and data

  • Patch election and IT systems regularly and avoid using outdated software and hardware systems
  • Enable multi-factor authentication on social media and email accounts
  • Use strong passwords and passphrases to secure access to social media and email accounts
  • Avoid sharing passwords and ensure each user has unique credentials associated with their access
  • Train your staff on basic cyber security best practices, including procedures for identifying and handling suspicious emails
  • Implement a high availability and disaster recovery strategy

Guidance and training on cyber threats to elections

The Cyber Centre is committed to raising awareness of cyber threats to Canada and protecting the integrity of Canadian elections. Below you’ll find links to tailored guidance and training to help you mitigate the impacts of cyber threats to elections, whether you’re a member of a political party, a voter, an election authority or a vendor.

Guidance for political parties

Cyber actors target political party candidates, political party members, elected representatives and their staff.

The following resources provide advice and guidance for those involved in politics:

Guidance for voters

Voters can be targets of online influence campaigns aimed at undermining public confidence in the electoral process. Such campaigns can use social engineering, disinformation and generative AI to influence voters’ opinions and behaviours.

The following resources provide advice and guidance for voters:

Guidance for election authorities

Election management authorities and their staff interact with a vast array of sensitive and personal information. Threat actors could target this information using techniques such as ransomware, distributed denial-of-service campaigns and spear phishing.

The following resources provide advice and guidance for election authorities:

Guidance for vendors

Private sector organizations involved in delivering election-related services could also be targeted by cybercriminals for financial gain. This may directly or indirectly impact on front line electoral services.

The following resources provide advice and guidance for vendors:

Training for democratic institutions

The Cyber Centre’s Leaning Hub offers a self-paced 30- to 60 -minute online course that provides Canadian democratic institutions workers with the tools and knowledge they need to make educated decisions about securing their IT infrastructure. This course requires a Learning Hub account.

 

Additional cyber security resources

Many cyber threats can be mitigated through awareness and best practices in cyber security. These additional resources can help you reduce the risks associated with cyber threats to elections.

Report a cyber incident

Reporting a cyber incident helps the Cyber Centre keep Canada and Canadians safe online. Your information will enable us to provide cyber security advice, guidance and services.

Get Cyber Safe

Get Cyber Safe is a national public awareness campaign created to inform Canadians about cyber security and the simple steps they can take to protect themselves online.

 
Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: