Strengthening U.S. political campaigns against cyber threats: The urgent need for DMARC implementation

Securing political campaigns from cyber threats has never been more urgent. It is critical to secure the communications that carry sensitive exchanges with voters and contributors, process donations, and coordinate complex operations. Campaigns make exceptionally rich targets for cyber espionage and exploitation: our open-source research shows that nearly 75% of US Senate campaign websites have not achieved Domain-based Message Authentication, Reporting & Conformance (DMARC) compliance. Their reliance on sensitive information, such as strategic plans, voter demographic data, and donor communications, offers tantalizing prospects for influence, disruption, or other operations designed to undermine trust in fair elections.

In the United States, many campaign websites and digital infrastructures lack robust cybersecurity measures. Despite the importance of email security, Red Sift’s analysis shows that a troubling majority of U.S. Senate and Presidential political campaign websites lack DMARC protections. Without properly managed DMARC, these campaigns are vulnerable to phishing and spoofing attempts, which can lead to breaches, leaks, and other significant security incidents. For campaigns, time pressures amplify these risks, allowing attackers to exploit lapses in security at critical moments.

Influence operations, cyber hygiene, and public trust

Historically, Russian attacks against U.S. campaigns have focused on influence operations, hoping to alter outcomes in their favor. More recently, Iran has become a formidable cyber attacker, presently focusing more on disrupting election processes than swaying voters. Russian, Chinese, and Iranian state actors have repeatedly sought to take advantage of weak email security and cyber hygiene, often to great effect as in the cases of the 2015-2016 Russian GRU hacks and most recently Iranian “hack and leak” attempts against current and former U.S. officials. 

Personal email accounts are not exempt from attack either: Russia’s cyber attacks against the private email accounts of John Podesta, the former chair of Hillary Clinton’s presidential campaign, and former Secretary of State Hillary Clinton were orchestrated by Russian intelligence, and the contents were ultimately published on WikiLeaks.

Although their objectives may differ, the TTPs of malign actors looking to undermine elections are markedly similar: low-level DDoS attacks and infostealers remain common, as do phishing and social engineering attacks aimed at email communications. In particular, campaigns should have robust technical and policy measures in place to mitigate the rise in spearphishing, impersonation, and domain-spoofing attacks.

Today, campaign domain sites and associated email accounts remain prime vectors for exploits such as spoofed domains. As noted in FBI and CISA advisories, DMARC policies play a crucial role in preventing email spoofing and phishing attacks by ensuring that emails sent from a domain are authenticated. Properly configured, these measures would help protect a political campaign’s reputation, ultimately helping campaign operations while safeguarding against cyberattacks that can undermine the democratic process.

While there is no silver bullet for email cybersecurity, properly configured and managed DMARC is crucial for political campaigns as it helps protect against email spoofing, ensuring that only legitimate communications are sent from the campaign’s domain. This is vital for maintaining trust with voters and donors, as it prevents phishing attacks that could compromise sensitive information or spread disinformation. Ultimately, by securing email communications, DMARC safeguards the campaign’s reputation, helping to prevent attackers from tarnishing the brand with fake emails.
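Whether a domain's DMARC is enforced or only published can be read from its `_dmarc` TXT record. The following is an added example, not Red Sift's code or survey methodology: it classifies constructed records using the RFC 7489 tag rules. The posture labels, function names and sample domains are assumptions of this example, as is treating only `p=quarantine` or `p=reject` applied to all failing mail as enforced.

```python
# Added example: classify DMARC posture from the TXT records at _dmarc.<domain>.
# Domains and records are constructed; no DNS lookup is performed.

def parse_dmarc(txt):
    """Return the record's tags as a dict, or None if txt is not a DMARC record."""
    tags = {}
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    for i, part in enumerate(parts):
        name, sep, value = part.partition("=")
        name, value = name.strip().lower(), value.strip()
        if i == 0 and (name, value) != ("v", "DMARC1"):
            return None  # RFC 7489: v=DMARC1 must be the first tag
        if sep:
            tags.setdefault(name, value)
    return tags or None

def assess(txt_records):
    """Return (posture, reason) for a domain's _dmarc TXT records."""
    records = [r for r in map(parse_dmarc, txt_records) if r]
    if not records:
        return "missing", "no DMARC record published"
    if len(records) > 1:
        return "invalid", "multiple DMARC records, so receivers apply none"
    rec = records[0]
    policy = rec.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        return "invalid", "p= tag missing or unrecognised"
    try:
        pct = int(rec.get("pct", "100"))
    except ValueError:
        pct = 100  # a malformed pct is ignored, leaving the default
    if policy == "none":
        return "monitoring", "p=none: failing mail is still delivered"
    if 0 <= pct < 100:
        return "partial", f"p={policy} applies to only {pct}% of failing mail"
    if rec.get("sp", policy).lower() == "none":
        return "partial", "sp=none leaves subdomains unenforced"
    return "enforced", f"p={policy} for all failing mail"

SAMPLES = {  # constructed sample data
    "campaign-a.example": ["v=DMARC1; p=reject; rua=mailto:dmarc@campaign-a.example"],
    "campaign-b.example": ["v=DMARC1; p=none; rua=mailto:dmarc@campaign-b.example"],
    "campaign-c.example": ["v=DMARC1; p=quarantine; pct=25"],
    "campaign-d.example": ["v=spf1 -all"],  # SPF only, no DMARC record
    "campaign-e.example": ["v=DMARC1; p=reject", "v=DMARC1; p=none"],
}

def survey(samples):
    return {domain: assess(recs)[0] for domain, recs in samples.items()}
```

Only `campaign-a.example` comes back as enforced; the other four publish something at or near `_dmarc` yet still allow mail spoofing their domain to be delivered.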

As last month’s joint CISA/FBI public service announcement describes, adversaries seek to undermine faith in U.S. elections by targeting several key areas: spreading disinformation, leaking or manipulating sensitive information to create misleading narratives, swaying public opinion, and discrediting candidates. Additionally, hacktivists and foreign powers may seek to access confidential strategic plans, gaining insights into a campaign’s tactics or leaking this information to sway opinion. 

Cyber attacks can also disrupt campaign operations, potentially slowing momentum. Taken together, these efforts ultimately aim to undermine public trust in the electoral process, destabilize the political landscape, and potentially align election outcomes with the interests of other states.

With heightened concerns around election integrity, implementing DMARC demonstrates a campaign’s commitment to secure, authentic communication and adherence to cybersecurity standards. This not only builds voter trust but also contributes to the overall security of the political process and the integrity of democratic processes. Campaigns are known targets of states and state-sponsored cybercriminals. As such, prioritizing robust cybersecurity measures, particularly DMARC implementation, is essential to both safeguarding political campaigns and preserving public trust.

PUBLISHED BY

Sean Costigan

22 Oct. 2024
