Malicious hackers have long made wide use of spoofed emails and accounts to dupe unsuspecting users and steal login credentials and other sensitive data. But when attackers believed to be working on behalf of the Kremlin deployed this favorite technique to wreak havoc on the DNC prior to the 2016 U.S. presidential election, the episode served notice to political campaigns that they, too, were now officially in the cross-hairs.
Once bad actors trick someone into giving up information, they can then create back-doors into servers, additional accounts on servers hosting websites and hijack domains. That’s why the security issues that regularly plague businesses and other organizations need to get factored into the constellation of considerations by election campaigns as well. The challenge is taking on new urgency in advance of November’s U.S. midterm elections as many of the same issues that plagued the 2016 election remain widespread.
But while campaigns may not be able to hermetically seal themselves off from cyber threats, they can take a number of steps that will lower their risk profile – and stay out of the news for the wrong reason.