Tuesday, July 19, 2016

Risk Assessment: US Presidential Election Cyber Threat Landscape

INTRODUCTION: The American political landscape is complex, and profiling the attack surfaces for any federal political operation is difficult as campaigns adopt new marketing, social media, and fundraising methods. There are also different motivations for each cyber actor that may overlap.

The different categories of political players are diverse as candidates have political action committee (PAC) allies, national political committees, and major events such as each party’s national convention. This is also compounded by the long political and business histories of each party’s nominee: Hillary Clinton and Donald Trump. 

US financial services exposure includes the targeting of Personal Identifiable Information (PII), information of donors to the candidates, PACs, and national political committees. This is possible through the vendors hired by each campaign to managed and report donations. Exposure also includes the organizations involved in targeting the banks servicing the transactions for all of these organizations via business email compromise as well as those who have worked with the business or political assets belonging to each candidate.

This paper is also applicable to non-US institutions as it profiles how to conduct counter reconnaissance awareness with typo-squatting tools, examines how to be aware of politically-exposed persons or celebrity donors and also recommends best practices to prevent fraud through business email compromise.


This report was published in its entirety to the Financial Services ISAC and Red Sky Alliance portal on July 19, 2016.  For more information, contact Wapack Labs at 844-4-WAPACK.