2024 US Presidential Election Cyber Intrusion: Part 5 - Cybercrime Threats

Uploaded on 2024-10-31 in GOVERNMENT-National, FREE TO VIEW

Part 5 of a series that will analyze critical cyber security aspects during the countdown  to the 2024 US Presidential Election, beginning with Nation State Threat Actors, then Covert Influence OperationsHactivism and Cybercrime.

Do Organized Cybercrime Groups Have The Ability To Compromise the 2024 US Presidential Election?

Although it is unlikely that financially motivated cybercriminals would have a specific interest in the 2024 US presidential election itself, ransomware, and related extortion efforts, target victims for their potential to pay a ransom.

Ransomware

With a substantial quantity of sensitive data surrounding the election available for compromise, we have assessed that this will increase the likelihood for the election to be targeted by a cybercrime event. Ransomware efforts will provide cybercriminals with a low-cost, high-reward attack vector that could be leveraged to both gain access to the network of US election offices, as well as actively disrupting the election proceedings by encrypting data.

Phishing

Cybercriminals will likely capitalise on the run-up to November 5th by engaging in malicious social engineering attempts involving the delivery of US presidential election-themed phishing emails, SMS, and social media messages to prey on the US public’s uncertainty surrounding the election. They will try to entice them to interact with malicious links that will likely be disguised by URLs purporting to divert victims to seemingly legitimate election information and voter registration web pages.

Stealware

Cybercrime targeting of the election will also likely extend to involve the deployment of stealware variants.

This assessment has been made based on a recent trend of threat actors leveraging stealware with attempts to steal voter registration records and credentials from election systems with the actors also leaking these data sets.

These infostealer campaigns have obtained this data by intercepting login forms on Internet browsers or by accessing password storage on compromised devices. Stealware actors likely leak this data to undermine the trust in US election systems and create the perception that they are vulnerable and untrustworthy.

TO BE CONCLUDED

Craig Watt is a Threat Intelligence Consultant at Quorum Cyber specializing in strategic and geopolitical intelligence.

Image: Andrii Shyp

You Might Also Read:

2024 US Presidential Election: Nation State Cyber Threats:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« What Industrial Organisations Can Learn From Nation-State Cyber Attacks
Cyber Security Teams Feel The Pressure  »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Security Compass

Security Compass

Security Compass, the Security by Design Company, enables organizations to shift left and build secure applications by design, integrated directly with existing DevSecOps tools and workflows.

Research Institute in Trustworthy Industrial Control Systems (RITICS)

Research Institute in Trustworthy Industrial Control Systems (RITICS)

RITICS is one of three Research Institutes formed as part of the UK National Cyber Security Strategy.

Shieldfy

Shieldfy

Shieldfy is a cloud-based security shield for your website to protect it from cyber attacks and malwares.

Strategic Cyber Ventures (SCV)

Strategic Cyber Ventures (SCV)

SCV grow cybersecurity companies that disrupt advanced cyber adversaries and revolutionize the cyber product marketplace.

Cloud & Cyber Security Expo

Cloud & Cyber Security Expo

Cloud & Cyber Security Expo is the UK’s largest cloud and cyber security event.

CyberRisk Alliance (CRA)

CyberRisk Alliance (CRA)

CyberRisk Alliance is a business intelligence company created to serve the rapidly evolving cybersecurity and information risk management marketplace.

Networks Unlimited

Networks Unlimited

Networks Unlimited is a leading value-added distributor in Africa, providing technology solutions with a focus on security, networking, enterprise systems management and cloud technologies.

Abertay cyberQuarter

Abertay cyberQuarter

The Abertay cyberQuarter is a cybersecurity research and development centre housed within Abertay University.

Catalogic Software

Catalogic Software

Catalogic helps clients backup, recover, manage, and protect their data across their enterprise and cloud environments with Smart Data Protection solutions.

RSK Cyber Security

RSK Cyber Security

RSK Cyber Security are a leading cyber security services company that uses services, consulting, and product knowledge to lower security risk across the board.

Coffee Cup Solutions

Coffee Cup Solutions

We offer a full spectrum of IT Services, from our UK based Helpdesk to IT Consultancy and Cyber Security. Our team has the skills and experience to develop, deliver and manage IT for your business.

Leostream

Leostream

Leostream's Remote Desktop Access Platform enables seamless work-from-anywhere flexibility while maintaining security and constant visibility of users.

Anch.AI

Anch.AI

Anch.AI is an Ethical AI Governance platform that helps you comply with EU regulations and avoid risks and penalties when developing and using AI as part of your business.

Cloudbrink

Cloudbrink

Cloudbrink is purpose-built to deliver the industry’s highest performance connectivity to remote and hybrid workers, anywhere in the world.

Qryptonic

Qryptonic

Qryptonic pioneers next-generation cybersecurity by leveraging the unparalleled capabilities of quantum computing to defend against evolving threats.

SKADI Cyber Defense

SKADI Cyber Defense

At SKADI Cyber Defense, we specialize in enterprise-grade cybersecurity solutions tailored for small to medium businesses.