Each critical infrastructure sector has unique dependencies, and the elections infrastructure sub-sector is especially complex. Since 2016, LookingGlass has been monitoring risks across the elections infrastructure with comprehensive external attack surface management, global internet insight, and deep, dark web capabilities. In this brief, Critical Infrastructure Cybersecurity Risk Monitoring Elections Infrastructurewe share how LookingGlass has helped, and continues to help, organizations tackle election infrastructure cyber risk and monitoring.


An attack on the election infrastructure has always been at the forefront of cybersecurity expert’s minds, but their worries became reality at the 2016 election due to Russian interference. Efforts were increased by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) as they took on the challenge to ensure that the 2020 election was fair and free.  

DHS CISA ran a broad campaign to protect the 2020 elections, but the complexity of elections in the U.S. meant these efforts had to be nuanced and deliberate. There were 8,000 state and local government election jurisdictions within the sub-sector, and with each state and local jurisdiction acting under vastly different laws, this diversity created a challenging, massive attack surface to monitor.  


With LookingGlass’s capabilities, analysts were able to monitor and assess cyber risks to the elections sub-sector to enable organizations to measure how they compared to the sector overall. Some of the key capabilities LookingGlass employs to support election infrastructure security missions include: 

  • Attack surface enumeration across election network infrastructure, with cyber threat intelligence overlayto identify attack vectors
  • Automated analysis and reporting 
  • Cyber Intelligence Knowledge Management 

To learn more about these capabilitiesdownload the full brief 


Across multiple election cycles, LookingGlass has provided actionable threat intelligence to various clients with missions to ensure secure elections. These findings and analysis enabled significant mission outcomes.

For example, LookingGlass developed a proactive early warning system by tracking newly registered domain names associated with elections. Since 2018, LookingGlass has identified nearly 200,000 suspicious or potentially malicious domains as part of its efforts to help protect elections infrastructure. This helped LookingGlass customers improve their time-to-respond by jumpstarting cyber investigations – whether those investigations were tied to election-related fraud (e.g., fake websites masquerading as legitimate voter registration websites) or more traditional cyber criminal attacks (e.g., websites set up to steal credit card information). 


This was just one major outcome that LookingGlass enabled.  

With an outside-in perspective of digital infrastructure and tools to support adversarial capability modeling, LookingGlass can provide sector assessments that highlight where a sector and organization should focus its cybersecurity efforts. Download the complete brief, Elections Infrastructure Solutions Brief, to learn more about LookingGlass’s findings and to find out how we can help your organization.

For organizations interested in learning how they can best determine where to focus their cybersecurity efforts, contact us today