The new focus of China in U.S. elections interference is not limited to the Harris-Trump presidential race.

• China is now focusing its efforts to impact the results of U.S. elections on state and local candidates instead of the presidential race.
• The former executive director of the Cybersecurity and Infrastructure Security Agency stated that while Russia, China, and Iran are all aiming to cause conflict in the U.S., China is the most strategic of the three.
• National races receive more scrutiny than local and state elections, making it harder for China's influence campaigns to go unnoticed.

As the U.S. presidential election nears, intelligence officials have issued a warning that China is shifting its influence tactics from the presidential race to targeting state and local candidates.

Beijing is concentrating on developing connections with local officials as part of a broader plan to advance its interests, since Washington is largely opposed to its agenda.

"According to Brandon Wales, vice president of cybersecurity strategy at and former executive director of the Cybersecurity and Infrastructure Security Agency (CISA), Russia, China, and Iran are all looking to sow discord in the U.S., but China is the most strategic of the three in terms of long-term goals. Russia and Iran, on the other hand, are focused on chaos."

National races receive more scrutiny than local and state elections, making it easier for China's influence campaigns to go unnoticed. While national attention focuses on China's cyberthreats, economic espionage, and aggressive diplomacy, its efforts to shape the U.S. political ecosystem by cultivating relationships with local politicians are more insidious.

""The lack of focus on Chinese efforts to shape the U.S. political environment is a long-term problem," said Wales."

One of China's main methods for affecting U.S. elections is through disinformation, which aims to create a divided political climate that weakens both national resilience and cybersecurity efforts. According to Javad Abed, professor of information systems at Johns Hopkins Carey Business School, these operations are often subtle, involving the spread of false stories or memes that spark debate and controversy. The ultimate goal is to distract from international issues and reduce U.S. influence abroad.

During a recent election security briefing, U.S. intelligence officials stated that these actors are likely to believe that amplifying divisive rhetoric and controversial issues can benefit them by making the U.S. and its democratic system appear weak and by diverting the government's attention from pushing back on their hostile behavior globally.

One way China exerts its influence is through disinformation campaigns that exploit divisive issues such as immigration, racial justice, and economic inequality. Abed explained that China uses online platforms to spread false narratives about U.S. border challenges or social justice movements, such as the George Floyd protests. By manipulating public discourse, experts said China aims to amplify discord on sensitive topics while diverting attention from international matters.

In August, Microsoft revealed in its Threat Intelligence Report that one of China's influence campaigns, Taizi Flood, involved hundreds of fake accounts posing as real protestors during pro-Palestinian protests at U.S. universities. These actors spread inflammatory messages that intensified tensions and widened divisions among political groups. By mimicking legitimate activists, the Taizi Flood campaign amplified unrest, making it challenging for Americans to distinguish truth from falsehood.

Another significant Chinese-led operation is Spamouflage, or Dragonbridge, which has been active since at least 2017. This campaign employs thousands of fake accounts on over 50 platforms to infiltrate political discussions in the U.S., spreading propaganda and divisive messages while discrediting politicians. Spamouflage's ability to penetrate local and national dialogues underscores the scale of China's long-term influence strategy.

Alphabet, Meta, Microsoft and false information

The Senate Select Committee on Intelligence has put pressure on Alphabet, Meta, and Microsoft to address the spread of false information on their platforms. In a recent hearing, Alphabet president Kent Walker revealed that the company has more than 500 analysts and researchers tracking between 270 and 300 foreign cyberattack groups. However, controlling the full scope of foreign influence operations remains a challenge. Chairman of the Senate Intelligence Committee Mark Warner expressed concerns over Congress's failure to implement new regulations to prevent AI-generated disinformation from spreading as the election approaches.

Disinformation campaigns can have real-world consequences, including swatting calls, bomb threats, and intimidation tactics aimed at election officials, according to John Cohen, executive director of the Program for Countering Hybrid Threats at the Center for Internet Security.

Cohen stated that informational operations have been used in conjunction with demonstrations to incite violence and target election and government officials.

As AI-generated misinformation becomes harder to distinguish from reality, Cohen expressed concern about its impact on public trust in the election process. He stated that cyber threat actors can use AI to quickly develop attack techniques and modify them at computer speeds to evade security measures.

"Cohen stated that he has been working in law enforcement and homeland security for over 40 years, but what worries him the most is the threat actors' ability to adapt their attack techniques at internet speed. He believes that our investigative activities and threat-mitigation activities are still operating at analog speed, which is not fast enough to match the threat actors' speed. Cohen emphasized that this has to change."

Mitigating cybersecurity risk on Election Day

Cohen emphasized the need for local and state election officials to take proactive measures to safeguard their election systems, including updating endpoint detection systems and being prepared to respond promptly to cyber threats.

"Cohen advised that election officials must develop plans to protect against physical world and cyber incidents that may occur on Election Day. They should ensure good lines of communication between election officials, emergency managers, law enforcement, and cybersecurity leads for each jurisdiction."

Wales emphasized the significance of state and local election officials taking part in national information-sharing initiatives, including the Election Infrastructure Information Sharing and Analysis Center and the Multi-State Information Sharing and Analysis Center. These programs offer real-time threat intelligence, enabling local officials to better respond to emerging threats and safeguard election systems.

Wales emphasized that the duty to combat disinformation extends to both officials and the general public, stating, "It's crucial for everyone to be mindful before sharing information, as it can have severe consequences."