The end of campaign season offers a chance to reflect what went right and wrong—whether you’re a candidate or a nonprofit trying to protect them.
Michael Kaiser, CEO and president of Defending Digital Campaigns (DDC), a nonpartisan org providing free or discounted cybersecurity services to political campaigns, is using the election “off season” to consider the threats fielded by 2024 political teams.
While some Americans feared deepfakes’s deep electoral impact, many cyber incidents that emerged, Kaiser said, were of the “classic” variety—familiar threats like denial-of-service attempts, account compromises, and phishing.
“Compromise a third party that is trusted by the campaign, then use their compromised email to send an email to the campaign that then compromises the campaign, right? You can’t get much more classic than that,” Kaiser said.
Play the classics
- Microsoft and the FBI, according to an August CNN report, informed Trump operative Roger Stone that a “foreign state actor” compromised his personal email, with the intention of using the account to phish Trump campaign officials.
- In a November 2024 post, DDC partner Cloudflare reported mitigating over 6 billion distributed denial-of-service attacks—expected threats, Kaiser said—against US election websites during the first six days of November.
What is DDC? DDC, granted permission by the Federal Election Commission to operate, provides bipartisan campaign support to eligible federal campaigns, as well as state campaigns in Ohio, Georgia, Virginia, and Michigan. (When asked, Kaiser did not share any campaigns, including presidential ones, that used DDC’s services.)
The nonprofit has 12 tech vendor partners, who gave over $2.9 million in products this year, Kaiser told IT Brew.
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
About those deepfakes. A Pew Research Center survey found that 39% of Americans thought AI would be “used mostly for bad purposes during the presidential campaign.”
In a Dec. 3 blog post, Meta’s President of Global Affairs Nick Clegg said deepfakes “did not materialize in a significant way and that any such impact was modest and limited in scope.”
“I think the people just thought there would be rampant fake videos everywhere, about everything, and campaigns would be making them…And I just don’t think we saw that magnitude of it,” Kaiser said.
Adoption rose. Since the group’s FEC-approved inception in 2019, the group has given at least one product to over 750 campaigns, Kaiser wrote in a follow-up email to IT Brew. The DDC assisted over 360 campaigns in this election cycle, according to Kaiser—a “huge increase of adoption.”
In the off season, Kaiser is talking with vendor partners about ways to improve product deliveries to campaigns and considering how evolving defenses, like passkeys, will shape new offerings.
While many of the seen cyber threats didn’t shock Kaiser, one event did surprise the DDC director: China-based hackers may have infiltrated telecom companies to possibly access presidential candidates’s communications, according to a report from the Congressional Research Service.
While the geopolitical climate is one that’s difficult to predict, Kaiser noted, the group will be focusing on the classics.
“I think we always try to defend against the most common and likely to occur threats…and we still think that account security will be extremely important.”