election cybersecurity threats 2024
American democracy is heading into one of its most digitally dangerous seasons yet. As the 2024 U.S. election cycle intensifies, cybersecurity researchers, former state officials, and intelligence analysts are sounding the alarm over a rapidly expanding web of threats — ranging from a flood of suspicious election-themed websites to AI-generated misinformation and coordinated foreign interference campaigns.

A detailed report from Check Point, one of the world’s leading cybersecurity firms, first reported by PBS News, paints a sobering picture: thousands of new domains carrying election-related keywords have been registered in recent months, political fundraising platforms have leaked tens of thousands of user credentials, and artificial intelligence is making it cheaper and faster than ever for bad actors to flood the information space with content that is nearly impossible to distinguish from reality.

The stakes have never been higher. And the vulnerabilities, according to experts, have never been more exposed.

The Domain Surge: A Digital Red Flag

At the center of Check Point’s findings is a striking pattern in website registrations. In January of this year alone, approximately 1,300 newly registered domains contained the keyword “election,” while around 2,957 included the word “vote.” PBS

That number surged even further in the weeks that followed. Between April 13 and May 14, Check Point Exposure Management found approximately 1,140 newly registered domains containing “election” and around 4,010 containing “vote” — a sharp acceleration from January’s already elevated figures. PBS

AI deepfake technology fueling election cybersecurity threats 2024
IMAGE CRADIT PBS NEWS | election cybersecurity threats 2024

To be clear, registering a domain name is not a crime. Not every site with “vote” or “election” in its URL is malicious. But the scale and trajectory of this growth is what concerns experts. As the report itself notes, these websites expand the available pool of domains that could later be deployed for phishing attacks, donor fraud, candidate impersonation, or the distribution of disinformation.

Kathy Boockvar, of Athena Strategies — who served as Secretary of the Commonwealth of Pennsylvania from 2019 to 2021 — said: “Seeing that these websites are continuing to grow is of significant concern, on top of what’s already a concerning status quo.” PBS

She added that the report’s findings are consistent with what private sector partners and other government agencies have been tracking independently — a collective warning that the threat environment around this election is unlike anything seen in previous cycles.

What the Report Actually Found

The more than 30-page Check Point report identifies the most probable threat categories for the coming election: impersonation, influence operations, AI-driven content manipulation, donation fraud, and what researchers call “opportunistic disruption.”

Check Point’s earlier research found that 82% of malicious file-based attacks arrive through email phishing — a finding that has direct implications for election offices, campaign organizations, voter registration bodies, and the entire ecosystem of people and institutions that keep an election running. Training and awareness are not optional extras. They are, at this point, a baseline requirement for survival in this environment. PBS

Oregon’s Secretary of State Tobias Read confirmed that his office is already taking the phishing threat seriously. He told PBS News that his team conducts quarterly training sessions with staff and runs internal phishing simulation exercises. “We have scenarios and tests that we run internally — including me, where I have to think hard about it,” he said. The message: if a trained state official has to pause before clicking, imagine the risk for less-prepared staff.

Political Fundraising Platforms Under Attack

One of the more alarming sections of the report focuses on credential leaks from major political fundraising platforms — the digital arteries through which hundreds of millions of campaign dollars flow every cycle.

According to Check Point’s findings, ActBlue — the dominant online fundraising platform used by Democratic candidates and organizations — had approximately 9,600 civilian credentials including usernames and passwords leaked. The Republican counterpart, WinRed, saw roughly 6,500 leaked credentials. These aren’t just privacy violations. Check Point warns that exposed credentials of this type open doors to everything from donor fraud and financial theft to unauthorized access to internal campaign systems.

The silver lining, if there is one, is narrow but notable. Among a sample of individual swing-state campaign websites from both parties, leaked credentials were nearly nonexistent. The exposure is concentrated in the larger, centralized platforms — not in individual candidate sites. That suggests a systemic vulnerability at the infrastructure level rather than a campaign-by-campaign failure.

AI: The Game-Changer Nobody is Ready For

If the domain surge and phishing risks represent familiar threats in new clothes, artificial intelligence represents something qualitatively different — a force multiplier that lowers the barrier to creating believable falsehoods at industrial scale.

Primary security concerns around the 2024 presidential election include AI-driven misinformation dissemination, hacking of voter databases, and tampering with voting machines. But it is the AI disinformation angle that is attracting the most urgent attention from researchers. Security Magazine

Aaron Rose, a cybersecurity expert at Check Point, put it bluntly when speaking to PBS News. He explained that AI can now consume vast amounts of personal and public data to generate content that is genuinely believable — not just crude phishing emails, but convincing social media posts and deepfake videos that are becoming increasingly difficult to identify as fabrications. PBS

AI-powered deepfakes and automated trolling pose significant risks, fueling misinformation, damaging reputations, and undermining trust in the democratic process. The concern is not hypothetical. Deepfake audio of political figures has already circulated in multiple countries ahead of recent elections, and in some cases, voters had no reliable way of knowing what was real. Security Magazine

The speed and cost economics here are what make AI uniquely dangerous. Previously, running a sophisticated disinformation operation required significant resources — state-level actors, professional teams, sustained investment. Today, the same outcomes are achievable with a laptop, an internet connection, and a subscription to a generative AI tool.

AI deepfake technology fueling election cybersecurity threats 2024
election cybersecurity threats 2024

Foreign Adversaries: Russia, China, and Iran

The Check Point report does not operate in isolation. It reinforces and expands on a body of intelligence assessments from the U.S. federal government over the past several years — all pointing to the same three foreign actors: Russia, China, and Iran.

Each uses different methods and pursues different objectives.

Russia’s strategy, according to the report, is built around narrative warfare. Russian-linked operations have historically involved creating websites that impersonate established news organizations — mimicking outlets like Reuters or The Washington Post in visual design and domain structure — to lend false credibility to divisive stories. The goal is not necessarily to change votes on election day, but to deepen existing social fractures and erode confidence in institutions over time. Election monitoring websites saw a 400% increase in DDoS attacks during the 2022 midterms, with Mississippi’s election websites briefly taken offline by a pro-Russia hacking group — though voting results were not affected. Dark Reading

Iran has been more aggressive in direct cyber intrusion. Iran’s Mint Sandstorm group — also known as Charming Kitten and linked to the Islamic Revolutionary Guard Corps — breached the Trump campaign’s cybersecurity defenses, stealing sensitive documents. The group is known for sophisticated phishing attacks and social engineering, targeting individuals connected to both Biden and Trump administrations. CyberProof

China’s approach tends to focus on long-term influence and intelligence gathering rather than immediate disruption, though its capabilities for both are well-documented.

The Disinformation Dilemma: Warning Voters Without Frightening Them

There is a genuine tension at the heart of election security communication that the Check Point report and the officials responding to it are navigating carefully. Alerting the public to the scale of cyber threats is necessary — voters and organizations need to protect themselves. But the act of warning can itself become a vector for harm if it convinces people that the election is rigged, hacked, or untrustworthy before a single vote is cast.

Boockvar voiced this concern directly. She worries that detailed threat reporting could amplify voter fear — potentially suppressing turnout or deepening cynicism about electoral integrity. At the same time, she is categorical that the spread of mis- and disinformation around elections over the past five years represents a more serious and ongoing danger that cannot be left unaddressed through silence.

Oregon’s Secretary of State struck a practical note, advising that when in doubt about any election-related website, citizens should verify its legitimacy before interacting with it — especially before donating money or entering personal information.

What Defenders Are Doing

The good news from the 2024 general election period, according to the Center for Internet Security, is that there were no reports of successful compromises of election infrastructure. That is a meaningful data point — but experts are quick to note that the absence of a confirmed breach is not evidence that threats have diminished. It reflects sustained defensive investment and, in some cases, good fortune. CISecurity

During the 2022 U.S. midterm elections, CISA reported a significant rise in sophisticated phishing operations targeting individuals and groups involved in the electoral process. That experience accelerated the build-out of inter-agency coordination, threat intelligence sharing, and staff training programs across state and federal election infrastructure. RAD Security

Experts recommend a defense-in-depth strategy that includes robust cybersecurity measures, continuous monitoring, comprehensive employee training, advanced web filtering, and multifactor authentication to contain and block malicious activity even in the event of credential compromise. ReliaQuest

The bipartisan reality is that both major party platforms — ActBlue and WinRed — have been targeted. The vulnerabilities are structural, not partisan. And the solutions, whether they involve federal cybersecurity mandates, platform-level investments, or grassroots voter education, will need to match that scale.

Future Outlook: The Threat Doesn’t End on Election Day

History shows that cyberattacks and influence operations targeting elections do not stop when polls close. Post-election periods are often exploited to amplify claims of fraud, circulate manipulated vote-count imagery, and fuel public distrust in certified results — tactics that serve foreign adversaries and domestic bad actors alike.

Experts warn that the unstable information environment created by the election cycle will continue to escalate until — and beyond — election day itself. The 2024 cycle, with AI capabilities far beyond what existed in 2020, is shaping up to be the most complex information security environment any U.S. election has faced. Security Magazine

Legislative responses have been slow. Technical defenses are improving but remain uneven across jurisdictions. Public media literacy — arguably the most durable long-term defense against AI-generated disinformation — is still in its infancy as a policy priority.

Conclusion

The surge in election-related domain registrations documented by Check Point is more than a statistical curiosity. It is a leading indicator of a threat landscape that is becoming more sophisticated, more automated, and more difficult to counter with each passing election cycle. Thousands of potentially weaponizable websites, tens of thousands of leaked credentials, AI-generated content indistinguishable from reality, and well-funded foreign adversaries with clear strategic intent — these are not distant hypotheticals. They are documented, present-tense realities.

The 2024 U.S. election will be won or lost at the ballot box. But the battle for the integrity of that result — and for public confidence in it — is already being fought in server rooms, inboxes, and social media feeds across the country. Whether voters, officials, and platforms are prepared for that fight remains the defining question of this election season.

What is the Check Point election cybersecurity report about?

The report is a 30+ page analysis by cybersecurity firm Check Point warning that the 2024 U.S. election cycle faces elevated threats including phishing attacks, thousands of suspicious domains, AI-generated disinformation, credential leaks from major party fundraising platforms, and coordinated foreign interference from Russia, China, and Iran.

Why are thousands of election-related domain registrations a cybersecurity concern?

While registering a domain is not inherently malicious, a large pool of election-themed domains significantly expands the infrastructure available for phishing, impersonation, donation fraud, and disinformation campaigns. The sheer volume registered in early 2024 represents a meaningful uptick in threat surface.

Which political fundraising platforms were affected by credential leaks?

According to Check Point’s findings, ActBlue — the primary Democratic fundraising platform — had approximately 9,600 user credentials exposed, while the Republican platform WinRed had around 6,500 leaked credentials. These leaks create risks ranging from donor fraud to unauthorized campaign system access.

How is artificial intelligence making election disinformation worse?

AI tools can now generate highly convincing text, images, audio, and video at minimal cost and at scale. This makes it significantly easier for bad actors to produce fake news articles, synthetic social media posts, and deepfake videos that are increasingly difficult for ordinary people to identify as fabricated.

Share your love

Leave a Reply

Your email address will not be published. Required fields are marked *

Related News