2024 Election Threat Report

Highlighting Cybersecurity Risks for Campaigns and Party Offices

A man holds an iPad with VoterGuard's security scorecard displayed.

As we approach the 2024 election, malicious actors are intensifying their efforts to target political campaigns, parties, and related organizations. This report highlights key risks and vulnerabilities for campaign and party offices, identified through analysis of over 3,000 political domains across the country by the VoterGuard Election Threat Monitoring Platform.

We are proud to partner with Defending Digital Campaigns to release this data, bringing greater awareness to digital vulnerabilities that expose political organizations to cyber threats. 

Key Finding #1:

Account Exposure

Account exposure, when private information is accidentally or inadvertently made public, is one of the greatest risks to political organizations. VoterGuard’s data highlights national and state-level exposures that could jeopardize campaign operations and voter confidence.

VoterGuard’s data reveals over 66,000 exposed private accounts associated with political parties and campaigns across the U.S., averaging more than 1,300 accounts per state. These exposed accounts include not only email addresses but also phone numbers, physical addresses, and other private information made public due to improperly secured public files, old website directories, or vulnerable databases. Of even greater concern, over 27,000 of these accounts have appeared in data breaches, exposing account passwords and other sensitive personal information.

An analysis by Google found that exposed accounts are 5x as likely to be targeted by phishing compared to ordinary users.

A map of the United States showing how many parties and campaigns per state have exposed accounts.

A data breach is a cyber incident where personal information is stolen or taken from a system without the knowledge or authorization of the system's owners. Data breaches are becoming increasingly common, with at least 3,000 large-scale breaches occurring this year alone.

We identified sensitive information associated with over 27,000 accounts in data breaches, many with account passwords, financial details, and other highly sensitive personal information exposed.

Targeted phishing attempts that leverage breached information to trick users, known as “spear phishing,” have a success rate of over 50%. Breached accounts also provide attackers a direct avenue to exploit a campaign’s digital infrastructure and potentially influence voter behavior.

To mitigate account exposure risks, campaigns should implement multi-factor authentication (MFA) wherever feasible, enforce strong password policies, and reset authentication credentials related to any accounts exposed in a data breach. 

Key Finding #2:

DMARC Implementation

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a critical email authentication protocol that protects domains from phishing and spoofing attacks. However, many domains associated with political parties and campaigns still lack DMARC protection.

Our data shows that only 33% of domains at the state and local level have implemented DMARC protections for their email service. This leaves the majority of campaign-related email communications vulnerable to phishing and spoofing attempts, where attackers impersonate legitimate campaign email addresses to deceive staff or voters. Therefore, campaigns should prioritize DMARC adoption to secure their email domains, reducing the likelihood that attackers impersonate or exploit campaign staff and voters. 

In partnership with Defending Digital Campaigns, Valimail offers free DMARC support to political campaigns, making it easier for organizations to implement DMARC and safeguard email communications against impersonation attacks.

An infographic about how the majority of state parties do not have DMARC properly implemented, and on average, 30 local parties or campaigns per state don't, either.

Key Finding #3:

Website Protection

Public-facing campaign websites are targets for malicious actors as elections near. Websites serve as a critical touchpoint for voter engagement. Therefore, websites are a high-value target for attackers seeking to disrupt campaign operations through DDoS (Distributed Denial-of-Service) attacks or defacement.

Our analysis found that over 46% of state-level domains and more than 80% of local-level domains lack any form of website protection, leaving these sites vulnerable. A DDoS attack could knock campaign websites offline, preventing voters from accessing important information or campaign platforms. Protecting an organization’s web presence during crucial periods, such as elections, is a critical step in instilling a sense of trust with its voters.

To address the potential risk that accompanies unsecured websites, campaigns and political parties should enroll in free website protection through the Cloudflare for Campaigns program.

83% of organizations fall victim to at least one phishing attack per year, 57% experience phishing attempts on a weekly or daily basis, and victims of data breaches are 4 times more likely to receive phishing attacks than those who are not.

The 2024 VoterGuard Threat Report outlines critical cybersecurity risks facing political campaigns and party offices as the 2024 election approaches. We identified three key vulnerabilities shared by state and local political parties across the United States:

Widespread account exposure

A lack of DMARC email protection

Vulnerabilities in campaign websites

By implementing multi-factor authentication, DMARC protocols, and website security measures to safeguard against breaches, phishing, and impersonation, campaigns and party offices can dramatically reduce their risk of being successfully compromised by malign actors and cyber criminals.

VoterGuard was founded in 2024 to help empower political organizations with innovative, non-partisan cybersecurity solutions. To learn more about securing your organization, or to start implementing cybersecurity tools today, please reach out to us at info[at]voterguard.net, or visit https://voterguard.net.