attacks”. And while nation states did not cause any disruption, it did find evidence of China and Lebanese
            Hizbullah taking steps to influence the election.

            With the election on the horizon, recognizing these looming threats will be critical. The landscape is
            complex and ever-evolving, marked by ransomware attacks on critical infrastructure, and the shadow of
            international geopolitical tensions. Identifying these nuances will be key to grasping the full scope of
            challenges that lie ahead.




            Ransomware: A continued threat to critical infrastructure

            Given the level of concern about electoral interference, the US government will certainly step up security
            measures to prevent threat actors from entering networks or disrupting proceedings during 2024. Last
            March, the White House unveiled its National Cybersecurity Strategy, which reclassified ransomware
            attacks as a tier one national security threat.

            As the election process goes on, ransomware will be a significant threat to critical infrastructure. Bridewell
            research, which surveyed 500 cyber security decision makers in the US transport and aviation, utilities,
            finance, government, and communications sectors, found organizations have suffered on average a total
            of  26  ransomware-related  security  incidents  in  the  last  12  months.  The  government  sector  alone
            witnessed an average of 22 attacks.


            Most respondents across IT and OT environments (64% and 59% respectively) agreed the volume of
            threats increased over the previous 12 months, with more than a quarter strongly agreeing. Even before
            the presidential campaigns began in earnest, organizations were repeatedly coming under siege from
            malicious actors exploiting a variety of vulnerabilities within their IT and OT infrastructure.

            As ransomware continues to pose a significant threat to critical infrastructure, it becomes imperative for
            organizations to enhance end-user awareness and implement proactive threat detection and response
            systems.



            Budgets and breaches: The financial barrier

            In the government sector, Bridewell found almost seven-in-10 organizations have seen a reduction in
            their cybersecurity budgets, and more than three-quarters have reported a surge in insider cyber threats.
            This is not good news for the protection of critical infrastructure and governmental functions against
            foreign state-affiliated groups. As if to confirm this, in October it was revealed that Russian hackers had
            breached 632,000 Department of Justice and Pentagon email addresses in an attack using the MOVEit
            file transfer programme that had probably occurred in May.

            Financial services organizations remained high on the list of targets attractive to groups, but 86% of these
            organizations told Bridewell they too had had cyber budget cuts. Spending may have come back up this
            year, but across the landscape there are likely to remain important areas of weakness.








                                                                                                            172