Illustration: Rebecca Zisser/Axios 

In the 2016 presidential election, Russian agents created havoc by stealing and releasing emails. Campaigns have since improved their security with measures like two-factor authentication and encrypted and ephemeral messaging. But so-called doxxing attacks were last cycle’s problem.

What’s new: Although cyber crime was less of an issue in the 2018 midterm elections, lone wolf hackers and nation states are likely to take a bigger interest in the presidential race. Cyberattacks that compromise political campaign funding — whether by siphoning off money or cutting off donations — present a growing threat.

Russia, Iran and North Korea all have a history of disabling or destroying corporate websites and financial data archives — and in the case of North Korea, straight up stealing money. Any of them could reprise these attacks against campaigns and cut off the “mother's milk” of politics. Here are key threats to watch for:

Old fashioned trickery: In “social engineering” attacks, hackers manipulate people online to access passwords or cash.

  • In 2018, Phil Bredesen’s U.S. Senate campaign nearly lost hundreds of thousands of dollars when hackers breached a consultant’s email account. They used intelligence about an upcoming media buy to pose as a vendor and submit invoices.
  • A staffer contacted the FBI after noticing the wiring credentials were for a foreign account, but it’s an easy detail to miss.

Spoofing: Adversaries seek to suppress online giving by seeding doubt and confusion among donors with fake donation sites, often using deceptive domain names and “typo squatting.”

  • Domestic imposters have already created sites that look exactly like Donald Trump’s campaign site to solicit donations for bogus political action committees, effectively stealing money.
  • A North Carolina candidate reported this year that a Russian purchased the domain from a previous campaign of hers and attempted to mimic her newer site.

Dedicated denial of service (DDoS) attacks: A critical moment — the end of a fundraising quarter, day of a debate or night of a nominee’s convention speech — can yield presidential candidates millions. But not if their website is down.

What’s next: As with doxxing, a few simple changes can make a difference. Campaigns will need procedures to catch social engineering, stronger software to shield their sites from DDoS attacks, and services to detect imposter sites.

Robby Mook is a political strategist and senior fellow at the Harvard Kennedy School.

Go deeper: A handbook for campaigns from Harvard University Belfer Center’s Defending Digital Democracy project

Go deeper

Updated 1 hour ago - Politics & Policy

Coronavirus dashboard

Illustration: Annelise Capossela/Axios

  1. Global: Total confirmed cases as of 3:30 p.m. ET: 20,428,562 — Total deaths: 744,733— Total recoveries: 12,631,548Map.
  2. U.S.: Total confirmed cases as of 3:30 p.m. ET: 5,171,343 — Total deaths: 165,328 — Total recoveries: 1,714,960 — Total tests: 63,252,257Map.
  3. Politics: Pelosi says Mnuchin called her, White House is "not budging" on stimulus position.
  4. Business: U.S. already feeling effects of ending unemployment benefits.
  5. Public health: America is flying blind on its coronavirus response.
  6. Education: New Jersey governor allows schools to reopenGallup: America's confidence in public school system jumps to highest level since 2004.
Updated 1 hour ago - Politics & Policy

Pelosi says Mnuchin told her White House is "not budging" on stimulus position

Democrats and the Trump administration remain "miles apart" on negotiations over a coronavirus stimulus deal, House Speaker Nancy Pelosi (D-Calif.) said on Wednesday.

The latest: Around 3 p.m., Pelosi and Senate Minority Leader Chuck Schumer (D-N.Y.) issued a statement saying that Treasury Secretary Steven Mnuchin had initiated a phone call and made clear that the White House is "not budging from their position concerning the size and scope of a legislative package."

New Jersey governor allows schools to reopen for in-person learning

Gov. Phil Murphy in December 2019. Phoot: Tayfun Coskun/Anadolu Agency/Getty Images

New Jersey Gov. Phil Murphy (D) announced Wednesday he will sign an executive order allowing private and public K-12 schools and universities to reopen for in-person learning in September.

The big picture: New York and New Jersey have now authorized school districts to begin reopening. Both states and Connecticut ordered travelers from 31 states to quarantine before crossing their state borders after they were able to manage the pandemic.