Fortinet’s FortiGuard Labs Threat Intelligence Report: Cyber Threats Targeting the 2024 U.S. Presidential Election

As the 2024 U.S. Presidential Election approaches, the cybersecurity landscape is becoming increasingly fraught with threats aimed at undermining the electoral process. Fortinet, a global leader in cybersecurity, has released its FortiGuard Labs Threat Intelligence Report, which sheds light on the various cyber threats targeting U.S.-based entities, voters, and the electoral process itself. This report highlights alarming trends, including phishing scams, malicious domain registrations, and the growing darknet landscape, all of which pose significant risks to the integrity of the upcoming election.

Phishing Scams Targeting Voters

One of the most pressing concerns outlined in the report is the rise of phishing scams specifically targeting voters. Cybercriminals are capitalizing on the heightened interest surrounding the election by selling affordable phishing kits on the darknet. These kits, priced at approximately $1,260 each, are designed to impersonate presidential candidates and their campaigns, aiming to harvest personal information from unsuspecting voters and donors. This includes sensitive data such as names, addresses, and credit card details, which can be exploited for fraudulent activities.

Surge in Malicious Domain Registrations

In addition to phishing scams, FortiGuard Labs has observed a significant increase in malicious domain registrations. Since the beginning of 2024, over 1,000 new potentially malicious domains have been registered, many of which incorporate election-related content and references to prominent political figures. This trend suggests that threat actors are leveraging the electoral fervor to lure victims into their traps. Notably, fraudulent fundraising websites have emerged, such as secure[.]actsblues[.]com, which mimics the legitimate ActBlue platform. The use of reputable hosting providers like Amazon Web Services (AWS) and Cloudflare by these malicious actors adds a layer of legitimacy to their operations, making it harder for potential victims to discern the truth.

The Darknet Landscape: A Treasure Trove of Personal Data

The report also delves into the darknet landscape, where billions of records from U.S. citizens are available for sale. This includes Social Security numbers (SSNs), personally identifiable information (PII), and credentials that could be weaponized in misinformation campaigns or lead to account takeovers. Approximately 3% of posts on darknet forums involve databases related to business and government entities, underscoring the significant threat posed to the electoral process.

FortiGuard Labs has identified over 1.3 billion rows of combo lists containing usernames, email addresses, and passwords, which could facilitate credential-stuffing attacks. Additionally, the discovery of 300,000 rows of credit card data highlights the potential for financial fraud targeting voters and election officials. The sheer volume of user databases available on the darknet raises concerns about identity theft and targeted phishing attacks, with 10% of posts linked to SSN databases.

Ransomware Attacks on the Rise

The report also reveals a troubling trend in ransomware attacks targeting U.S. government agencies. FortiGuard Labs researchers noted a 28% increase in such attacks year-over-year, which poses a direct threat to the electoral process and public trust in government institutions. The darknet has become a hub for U.S.-specific threats, where malicious actors can trade sensitive information and develop strategies to exploit vulnerabilities. This trend is particularly concerning as the election draws near, with government entities becoming prime targets for cybercriminals.

Recommendations for Safeguarding the Election

Given the escalating cyber threats, Fortinet emphasizes the importance of robust cybersecurity measures to protect the integrity of the 2024 U.S. Presidential Election. The report outlines several key recommendations for citizens, business leaders, and election officials:

1. Stay Vigilant: Always be on the lookout for suspicious behavior or activity, especially leading up to major events.
2. Prioritize Cyber Hygiene: Maintain good cyber hygiene practices to minimize risks.
3. Employee Training: Invest in training and awareness programs for employees to recognize and respond to cyber threats.
4. Multi-Factor Authentication: Enforce multi-factor authentication and strong password policies to enhance security.
5. Endpoint Protection: Install endpoint protection solutions to safeguard devices against potential threats.
6. Regular Updates: Regularly patch operating systems and web servers and update software to close vulnerabilities.

Conclusion

As the 2024 U.S. Presidential Election approaches, the findings from Fortinet’s FortiGuard Labs Threat Intelligence Report serve as a stark reminder of the cyber threats that loom over the electoral process. With phishing scams, malicious domain registrations, and ransomware attacks on the rise, it is imperative for all stakeholders to remain vigilant and proactive in their cybersecurity efforts. By implementing best practices and fostering a culture of awareness, we can collectively work towards safeguarding the integrity of the electoral process and ensuring that every vote counts.