Escalating Cyber Threats Targeting the 2024 U.S. Presidential Election: Insights from Fortinet FortiGuard Labs

As the 2024 United States presidential election approaches, the landscape of cyber threats is becoming increasingly perilous. Fortinet FortiGuard Labs has identified a worrying trend: cyber adversaries are intensifying their focus on U.S.-based entities, voters, and the electoral process itself. This article delves into the findings of the FortiGuard Labs Threat Intelligence Report, highlighting the nature of these threats and the imperative for heightened cybersecurity measures.

The Rise of Cyber Adversaries

Derek Manky, Chief Security Strategist and Vice President of Global Threat Intelligence at Fortinet, underscores the urgency of understanding these evolving cyber threats. He states, "As the 2024 U.S. presidential election approaches, it’s critical to recognise and understand the cyberthreats that may impact the integrity and trustworthiness of the election process and the welfare of the participating citizens." The report reveals that both state-sponsored entities and hacktivist groups are increasingly active in exploiting the electoral climate, making it essential for stakeholders to remain vigilant.

Phishing Scams and Malicious Domain Registrations

One of the most alarming findings from the report is the proliferation of phishing scams specifically targeting voters. Cybercriminals are selling phishing kits on the darknet for approximately USD $1,260 each. These kits are designed to impersonate U.S. presidential candidates, enabling threat actors to harvest sensitive personal information, including names, addresses, and credit card details linked to campaign donations. This not only poses a risk to individual voters but also threatens the integrity of the electoral process.

In addition to phishing scams, FortiGuard Labs has identified over 1,000 newly registered domains since January 2024 that closely resemble election-related content and political figures. These domains are crafted to attract unsuspecting individuals, raising significant concerns about their potential misuse. The existence of such fraudulent domains underscores the risks associated with high-stakes events like national elections, where misinformation can easily spread.

The Darknet and Sensitive Data

The report also highlights a disturbing trend regarding sensitive data available for sale on darknet forums. Billions of records, including Social Security numbers (SSNs) and other personally identifiable information (PII), are reportedly on offer, with around 3% of these posts linked to business and government databases. This vast pool of data represents a considerable risk for misinformation campaigns, phishing scams, and identity theft, further complicating the cybersecurity landscape as the election nears.

Ransomware Attacks on Government Entities

Another critical finding is the 28% increase in ransomware attacks targeting U.S. government entities compared to the previous year. This spike in attacks highlights the heightened vulnerability of government operations during the lead-up to national elections. Such incidents not only pose risks to the electoral process but also threaten public trust in the integrity of the election system.

The Use of Reputable Hosting Services

Malicious actors are becoming increasingly sophisticated, leveraging reputable hosting services like Amazon Web Services (AWS) and Cloudflare to enhance the legitimacy and resilience of fraudulent domains. By employing centralized management of IP addresses, these actors are making it more challenging for cybersecurity professionals to detect and mitigate threats. This trend underscores the need for advanced detection techniques and proactive measures to safeguard against cyber incursions.

Recommendations for Enhanced Cybersecurity

In light of these alarming trends, FortiGuard Labs emphasizes the importance of implementing robust cybersecurity measures. Recommendations include:

1. Enhancing Employee Training: Regular training sessions can equip employees with the knowledge to recognize and respond to potential cyber threats effectively.

2. Enforcing Multi-Factor Authentication (MFA): Implementing MFA adds an extra layer of security, making it more difficult for unauthorized users to gain access to sensitive information.

3. Maintaining Updated Software Systems: Regularly updating software systems can help close vulnerabilities that cyber adversaries may exploit.

These practices are crucial for fortifying protections against the tactics employed by cyber adversaries during this critical period leading up to the election.

Conclusion

As the 2024 U.S. presidential election draws near, the threat landscape is becoming increasingly complex and dangerous. With cyber adversaries targeting voters, electoral processes, and government entities, the need for heightened vigilance and robust cybersecurity measures has never been more critical. By understanding these threats and implementing recommended practices, stakeholders can better prepare to safeguard the integrity of the electoral process and protect the welfare of participating citizens. The stakes are high, and the time to act is now.