Phishing in troubled waters: 3 ways email attacks may impact elections

Today’s email attackers are using advanced techniques to supercharge their campaigns. With sophisticated social engineering tactics, automated domain generation, and advanced strains of polymorphic malware, cybercriminals are able to evade traditional detection mechanisms. And with one-quarter of successful phishing breaches executed by state-affiliated actors, politicians and political organizations find themselves targeted by those not only seeking financial reward, but looking to manipulate their targets, spread misinformation, or even influence the course of world politics.

To get a glimpse of the widespread chaos that can stem from compromised emails, we need look no further than the 2016 US presidential election, when leaked communications and other confidential documents from the DNC damaged the reputation of the political party in a capacity that had a significant impact on the election. More recently, the Twitter hack of July 2020 likely used an attack method similar to a phishing attack – resulting in the accounts of prominent organizations and figures such as Apple Inc. and Barack Obama tweeting out fraudulent messages, intending to scam viewers.

As malicious spear-phishing emails continue to slip through legacy security tools, which look for known indicators of threat observed in historical attacks, the state of email defenses could well make an impact on this year’s presidential election. With attackers updating their techniques faster than ever, the average lifespan of an email attack has shrunk to a matter of hours, not days. Soon, the emergence of offensive AI will enable cyber-criminals to launch attacks at a speed and scale previously unimaginable.

To read the full version of this story, visit Dark Reading.