How Cybercriminals Will Sway 2024 US Elections, or Try To

"Coordinated inauthentic behavior" networks are already attempting to build up audiences for their campaigns via fake news outlets, social media platforms, and other avenues.

5 Min Read
The word doppelganger highlighted in a dictionary
Source: Casimiro PT via Shutterstock

Foreign interference actors, mostly operating out of Russia, Iran, and China, are ramping up efforts to influence US audiences ahead of 2024's national elections.

One prime example is Doppelganger, a Russia-based influence operation that has established several inauthentic news sites and social media accounts to disseminate stories designed to stoke political and social divisions in the US in the run-up to the elections.

The Doppelganger Effect

A December 2023 report from Recorded Future identified the Doppelganger group using three sites — each one purporting to be a legitimate news outlet — for the operation. Recorded Future found one of the sites, dubbed mypride[.]press, actively spewing out hostile rhetoric about the LGBTQ+ community. Another site, called warfareinsider[.]us, appeared focused on sowing doubt over US military capabilities and its policies on international conflicts. A third site, electionwatch[.]live, actively pushed out articles on the US elections and politics.

Each of the sites appeared set up to promote what Recorded Future described as "malign narratives" to undermine public confidence and stir up animosity domestically on key issues. Articles on mypride[.]press, for instance, tended to portray LGBTQ+ activism, the US military's inclusivity efforts, and education programs in schools as a net negative and source of social discord. Similarly, articles on warfareinsider[.]us had themes such as the US running out of ammunition because of its support for Ukraine and of China outpacing the US Navy on shipbuilding.

Recorded Future found stories on electionwatch[.]live to have the least amount of bias and obvious agenda. The threat intelligence company surmised that probably was because many of its stories are being AI-generated. The three sites are among many that Doppelganger is using to target a US readership.

"One key takeaway for US audiences is that Doppelganger is likely in a foundation-setting stage regarding the US election," says Brian Liston, senior threat intelligence analyst at Recorded Future. The effort appears to put into establishing some kind of content, growing an audience, and ensuring that content from each of the sites reaches a broad, mainstream audience. "As we head into 2024, this activity will likely ramp up as we approach election season."

Coordinated Inauthentic Behavior Networks

Doppelganger is an example of what Facebook parent Meta calls a coordinated inauthentic behavior (CIB) network. CIBs generally tend to engage in "coordinated efforts to manipulate public debate for a strategic goal," according to Meta. Such groups often use inauthentic news websites and fake accounts on social media platforms to engage with target audiences and to try to influence their behavior. For the past six years Meta has been tracking and kicking out users and groups from its various social media platforms engaged in such behavior.

Meta's most recent update on its efforts to deal with CIB activity, released in November, shared details of three separate influence operations that the company had dealt with recently. Two of the operations were based in China and a third was in Russia. One of the CIB networks targeted a US audience and involved 4,789 Facebook accounts supposedly belonging to American citizens. Meta's analysis showed the CIB operatives using the accounts to post stories about US-China relations and politics. In many instances the Facebook accounts merely cut-and-pasted verbatim posts from other people — including Elon Musk — on X, the platform formerly known as Twitter.

Meta has identified Russia, Iran, and more recently China as the primary sources of influence and misinformation campaigns. In addition to the US, target audiences for these campaigns have included populations in Ukraine — especially after the onset of the war with Russia — Germany, India, and Tibet. "Foreign threat actors are attempting to reach audiences ahead of next year’s various elections, including in the US and Europe, and we need to remain alert to their evolving tactics and targeting across the Internet," Meta said in its report.

Negligible Impact So Far

So far at least, many of these influence operations have gotten little traction. Recorded Future, for instance, found Doppelganger using as many as 2,000 social media accounts to promote its inauthentic stories and foreign interference efforts. In some campaigns the group has even spoofed websites of legitimate news organizations such as Fox News, Germany's Welt, and France's Le Parisien to try to get mainstream audiences to read its messaging. Despite such efforts, Doppelganger has elicited little engagement from legitimate social media users and viewership on its websites, and other metrics have been minimal, Recorded Future found.

"The traffic volume is relatively low right now, and the viewership of social media posts that redirect to either website is negligible," Liston says. "Actual engagement and organic amplification are lower than that." He attributes Doppelganger's failure to establish a meaningful audience to its spammy tactics for promoting its content.

One other notable ongoing Russian influence operation is the Foundation to Battle Injustice, an outlet that the late Russian oligarch Yevgeny Prigozhin once financed, Liston says. The outlet still publishes content critical of the US justice system, law enforcement, and political persecution to negatively influence public opinion.

"Russia will almost certainly conduct malign influence to shape or disrupt the 2024 US elections, based on an established precedent," he says, referring to the country's interference in the 2016 and 2020 elections.

'Perception Hacking'

Expect to also see Chinese and Iranian groups engaging in influence operations as well, Liston cautions. While China's CIB networks will try to shape the US elections to their goals, it is unlikely they will indulge in any disruptive activities that are likely to damage the country's image internationally. Meanwhile, Iran's interference in the 2020 elections means it will almost certainly try again in 2024 as well, Liston says.

While it is uncertain what impact these campaigns will have, expect to see influence operators engage in "perception hacking," or garnering influence by fostering the idea that such influence operators are everywhere, Meta said in its third-quarter report. Such perception hacking can sow doubt and mistrust in the US election and democratic processes more effectively than the actual influence campaigns themselves, Meta said.

"During previous US election cycles, we identified Russian and Iranian operations that claimed they were running [influence] campaigns that were big enough to sway election results, when the evidence showed that they were small and ineffective."

About the Author

Jai Vijayan, Contributing Writer

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights