2024 US Presidential Election Cyber Intrusion: Part 5 - Cybercrime Threats

Uploaded on 2024-10-31 in GOVERNMENT-National, FREE TO VIEW

Part 5 of a series that will analyze critical cyber security aspects during the countdown  to the 2024 US Presidential Election, beginning with Nation State Threat Actors, then Covert Influence OperationsHactivism and Cybercrime.

Do Organized Cybercrime Groups Have The Ability To Compromise the 2024 US Presidential Election?

Although it is unlikely that financially motivated cybercriminals would have a specific interest in the 2024 US presidential election itself, ransomware, and related extortion efforts, target victims for their potential to pay a ransom.

Ransomware

With a substantial quantity of sensitive data surrounding the election available for compromise, we have assessed that this will increase the likelihood for the election to be targeted by a cybercrime event. Ransomware efforts will provide cybercriminals with a low-cost, high-reward attack vector that could be leveraged to both gain access to the network of US election offices, as well as actively disrupting the election proceedings by encrypting data.

Phishing

Cybercriminals will likely capitalise on the run-up to November 5th by engaging in malicious social engineering attempts involving the delivery of US presidential election-themed phishing emails, SMS, and social media messages to prey on the US public’s uncertainty surrounding the election. They will try to entice them to interact with malicious links that will likely be disguised by URLs purporting to divert victims to seemingly legitimate election information and voter registration web pages.

Stealware

Cybercrime targeting of the election will also likely extend to involve the deployment of stealware variants.

This assessment has been made based on a recent trend of threat actors leveraging stealware with attempts to steal voter registration records and credentials from election systems with the actors also leaking these data sets.

These infostealer campaigns have obtained this data by intercepting login forms on Internet browsers or by accessing password storage on compromised devices. Stealware actors likely leak this data to undermine the trust in US election systems and create the perception that they are vulnerable and untrustworthy.

TO BE CONCLUDED

Craig Watt is a Threat Intelligence Consultant at Quorum Cyber specializing in strategic and geopolitical intelligence.

Image: Andrii Shyp

You Might Also Read:

2024 US Presidential Election: Nation State Cyber Threats:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« What Industrial Organisations Can Learn From Nation-State Cyber Attacks
Cyber Security Teams Feel The Pressure  »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CLUSIS

CLUSIS

CLUSIS is an association for the information security industry in Switzerland.

ProPay

ProPay

ProPay provides secure payment solutions for organizations ranging from small businesses to large enterprises requiring complex payment solutions.

Team8

Team8

Team8 is Israel’s most prestigious cybersecurity think tank and venture creation foundry.

Zanasi & Partners

Zanasi & Partners

Zanasi & Partners is a security research and advisory company active in the EU and MENA areas. Services focus on technology solutions.

Cyberlitica

Cyberlitica

Cyberlitica (formerly iPhish) provides a Workforce Threat Intelligence application that significantly augments companies’ cyber threat prevention efforts.

Atlantic Council Digital Forensic Research Lab (DFRLab)

Atlantic Council Digital Forensic Research Lab (DFRLab)

The Atlantic Council’s DFRLab has operationalized the study of disinformation by exposing falsehoods and fake news, documenting human rights abuses, and building digital resilience worldwide.

Secure-IC

Secure-IC

Secure-IC provide end-to-end, best-of-breed security expertise, solutions, and hardware & software technologies, for embedded systems and connected objects.

NJVC

NJVC

NJVC delivers IT automation, optimization and security to empower mission-enabling IT for customers with secure requirements.

Acreto

Acreto

Acreto is an end-to-end security infrastructure that protects all your technologies with a single, simple cloud service.

DataFleets

DataFleets

DataFleets is a privacy-preserving data engine that unifies distributed data for rapid access, agile analytics, and automated compliance.

SecureData

SecureData

SecureData provide professional data recovery services, digital forensics, data recovery software and FIPS 140-2 Level 3 Validated hardware encrypted drives.

National Cryptologic Foundation (NCF) - USA

National Cryptologic Foundation (NCF) - USA

The National Cryptologic Foundation strives to influence the cryptologic future by sharing our educational resources, stimulating new knowledge, and commemorating our heritage.

Cyber1

Cyber1

CYBER1 is a leader in cyber security advisory and solutions. We are uniquely placed to help customers achieve cyber resilience and thus, safeguard reputation and value.

Qeros

Qeros

Qeros is a next-generation distributed system enables secure data and transaction processing at the velocity of thought.

Roberts & Obradovic Law

Roberts & Obradovic Law

Roberts & Obradovic Law Group is a corporate, privacy, employment and litigation law firm.

CyberEPQ

CyberEPQ

CyberEPQ (Cyber Extended Project Qualification) is the UK’s first and only Extended Project Qualification in Cyber Security.