The FBI recently launched an investigation into cyberattack attempts on the Trump and Harris presidential election campaigns.
These hacking attempts reportedly aimed to access private campaign data and communications, with a notable focus on email account breaches and phishing attacks. Although it’s unclear if these attempts succeeded, Roger Stone was informed by authorities that his email had been compromised.
Earlier this year, both campaigns issued responses, with Harris officials stating no known breaches, while Trump campaign representatives confirmed they experienced a June hack. Microsoft identified a phishing operation involving a campaign advisor’s email, used to send malicious emails to others. The Trump campaign attributes these incidents to an Iranian hacking operation, but Iran has denied involvement.
In response to these events, cybersecurity and election security experts continue to caution that foreign governments – including Russia, China, and Iran – may attempt to interfere in the 2024 U.S. elections. Hackers often use “hack-and-leak” methods, as seen in the 2016 U.S. election, where Russian operatives stole and released sensitive campaign communications. These recent attacks highlight the risks of cyber threats to election integrity and data security.
Malware Techniques Used In Election Campaign Cyber Data Theft
Hackers use malware techniques such as keystroke logging, screen capture, and malicious injection to extract sensitive information from targeted systems. Here’s how each technique works and how it can be used against campaign staff or voters:
Keystroke Logging
Function: Keystroke loggers secretly record every keypress on a user’s device, including login credentials, passwords, and any other text typed.
Impact on Data Theft: By capturing login information for secure systems, hackers gain unauthorized access to private communications, emails, and sensitive data. In election contexts, stolen credentials can be used to impersonate campaign staff, monitor campaign strategies, or tamper with voter data.
Screen Capture
Function: Screen capture malware takes periodic or real-time screenshots of a user’s device, capturing on-screen information.
Impact on Data Theft: Screen captures allow hackers to see confidential campaign documents, voter information, or emails without needing direct access to files. This method can expose strategy documents, voter targeting plans, and financial information.
Malicious Injection
Function: Malicious code injection inserts unauthorized code into legitimate software or websites, or manipulates their existing code, to redirect users or steal their data.
Impact on Data Theft: Hackers could inject malicious code into campaign websites or voter databases to harvest voter information or mislead voters with fake information. Injected code could also be used to infect site visitors with malware, including voters accessing campaign sites for updates.
Armored Client Protects Election Campaign Systems And Voter Data
“These techniques are part of a growing arsenal used by hackers in cyber operations to steal data, impersonate officials, and disrupt democratic processes,” said Tim Royston-Webb, CEO, SentryBay. “The continued rise of cyber threats underscores the importance of strong cybersecurity measures to protect campaign systems and voter data. SentryBay’s Armored Client is the OEM at the heart of Citrix App Protection, and is now proven protection against infostealer malware for Microsoft AVD and W365 endpoints. The solution utilises endpoint access isolation in a manner which does not impact on performance and includes Keylogging and Screen Capture protection.”