Election interference is any deliberate action that distorts voter behaviour, election operations, or public confidence in outcomes. It can include impersonation, disinformation, manipulation of official channels, and process abuse that does not necessarily change the vote tally but still harms integrity.
Expanded Definition
In the NHI and information integrity context, election interference refers to deliberate manipulation that targets trust, provenance, or access around an election, rather than only the final vote count. That can include impersonating election officials, hijacking official communication channels, seeding false claims about polling places, or abusing digital workflows that support voter registration, ballot tracking, and results reporting. The term overlaps with information operations and cyber-enabled disruption, but it is narrower when the objective is to alter election-related behavior or confidence.
Definitions vary across vendors and policy discussions, especially when a campaign mixes disinformation with account compromise or infrastructure tampering. For governance purposes, practitioners should treat election interference as a hybrid integrity threat that can involve both human-targeted messaging and NHI abuse, such as compromised service accounts, API keys, or admin tokens. The NIST Cybersecurity Framework 2.0 is useful here because it frames the need to protect identity, communications, and recovery pathways even when the attack does not create a classic availability outage. The most common misapplication is treating election interference as only voter misinformation, which occurs when organisations ignore the operational compromise of official systems and identities.
Examples and Use Cases
Implementing election-interference controls rigorously often introduces tighter verification steps and slower communications, requiring organisations to weigh message authenticity against response speed during fast-moving events.
- A bad actor compromises a municipal email account and sends fake ballot-location updates to voters, forcing election staff to revoke access, notify the public, and validate all outbound notices.
- An AI-generated impersonation of an election official appears on social media and mirrors the wording of legitimate advisories, demonstrating why provenance checks matter as much as content moderation.
- Attackers abuse API access to alter a public election-status dashboard, creating confusion even though tabulation systems remain intact.
- A campaign targets registration portals with automated requests and credential stuffing, turning identity abuse into a civic trust issue.
- Post-incident review shows that weak secret hygiene and broad privileged access enabled the compromise, a pattern consistent with findings in the Ultimate Guide to NHIs and with access-control expectations in NIST guidance.
Why It Matters in NHI Security
Election interference matters in NHI security because many of the systems that shape public confidence are operated by non-human identities: service accounts that publish updates, API keys that move information between platforms, automation that syncs records, and machine credentials that manage public dashboards. When those identities are overprivileged, poorly rotated, or stored insecurely, an adversary can distort process integrity without ever touching the ballot box. NHIMG research shows that 80% of identity breaches involved compromised non-human identities, which is a reminder that election-facing systems inherit the same identity risk profile as enterprise environments.
The governance lesson is that public trust depends on provable control of identity, messaging, and recovery. A compromised election workflow can be escalated by fake notices, delayed revocation, or broken chain-of-custody records, making detection and correction harder than the original intrusion. Organisational response should align with resilience principles in the NIST Cybersecurity Framework 2.0 and with the NHI hygiene described in the Ultimate Guide to NHIs, especially where privileged automation can impersonate trusted sources. Organisations typically encounter the operational cost only after a false announcement, account takeover, or dashboard tampering event, at which point election interference becomes unavoidable to address.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-05 | Election workflows fail when non-human identities are overprivileged or abused. |
| NIST CSF 2.0 | PR.AC-4 | Identity and access governance underpins trust in election operations. |
| NIST Zero Trust (SP 800-207) | SC-2 | Zero trust helps limit lateral movement after compromise of election systems. |
Restrict and monitor service-account privileges that can alter election-facing systems.
Related resources from NHI Mgmt Group
Deepen Your Knowledge
Reviewed and updated by the NHIMG editorial team on June 20, 2026.
NHI Mgmt Group — the #1 independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org
