The Trump campaign was hacked, compromising some internal communications. Trump campaign spokesperson, Steven Cheung, stated, “These documents were obtained illegally from foreign sources hostile to the United States, intended to interfere with the 2024 election and sow chaos throughout our Democratic process. On Friday, a new report from Microsoft found that Iranian hackers broke into the account of a ‘high ranking official’ on the U.S. presidential campaign in June 2024, which coincides with the close timing of President Trump’s selection of a vice presidential nominee.”

Preparing for election threats

Although the campaign asserts that Iran is to blame, no threat actor has been officially verified. Whether or not the threat actor turns out to be a foreign state actor or a domestic actor, political campaigns are encouraged to prepare for the possibility of foreign threats. 

Aleksandr Yampolskiy, CEO of SecurityScorecard, comments, “Foreign state actors and adversaries will inevitably try to infiltrate political campaigns. Therefore, adopting a resilience mindset — instead of robustness mindset — is essential. 

“Assume that an attacker will sooner or later break into your campaign’s infrastructure, but make it difficult for hackers to extract valuable information. One effective tactic is using “decoy documents” to trigger alerts when an unauthorized user accesses them or to confuse hackers by blending decoys with real data.

“Securing the IT infrastructure of state governments is crucial for maintaining election integrity, especially in battleground states. Unfortunately, public sector systems are often complex and slow to secure. Attackers only need one weak spot to exploit, while defenders must secure every potential vulnerability.

“Many attacks rely on sophisticated phishing emails or deepfake audio and video to trick campaign staff into divulging sensitive information or infecting their computers. As the saying goes, ‘What you can’t measure, you can’t improve.’ It’s vital for the public sector to use security KPIs to measure and manage risk effectively.”

Increasing election security vigilance 

As the elections draw closer, government entities and election officials must increase vigilance. Max Gannon, Cyber Intelligence Team Manager at Cofense, remarks, “Government targets always need to be well protected, but around election time security becomes even more important as threat actors often target them more than usual. This is particularly a problem for smaller county-level government employees who may not have the resources or training that members of larger political campaigns often do. While compromising a target like a local government employee may not seem like a threat to large-scale political campaigns, it gives threat actors access to a verified .gov email account which can enable them to produce significantly more effective spear phishing emails when they attack their primary targets. The tactic of using a hyperlink to direct traffic to a threat actor-controlled domain that steals credentials and then redirects to the legitimate website is not new but it is a tactic that is far more effective than simply ending the attack chain with a 404 like threat actors used to do.”