Political campaigns are about to find out just how strong their cybersecurity defenses actually are.

Why it matters: With four days left until Election Day, hackers and disinformation operatives are expected to go all out to target as many campaigns as possible by trying to take down key websites or by spreading lies about the integrity of a campaign.

• Campaigns are facing mounting threats from nation-state spies, cybercriminals and politically motivated hackers looking to collect secrets and cause chaos.

The big picture: Political campaigns have unique needs to properly secure their systems.

• These organizations need to onboard staff as quickly as possible, and they don't have time to try out different security vendors.
• Each campaign also has its own budget, run time and tech stacks. Not every campaign can afford to work with multiple vendors, and the solutions they pick need to be installed quickly.

Threat level: In 2024, campaigns are seeing threats from every possible foreign adversary, as well as politically motivated hackers and cybercriminals.

• That's unlike 2020 or 2016, when just one or two nation-state threats were top of mind, Matthew Masterson, director of information integrity at Microsoft, told Axios.
• "We see China, we see Russia, we see Iran actively targeting this election," said Masterson, who is also a former commissioner for the U.S. Election Assistance Commission.

Driving the news: News of a China-linked phone hacking campaign targeting the U.S. presidential race — and government officials — has brought campaign cybersecurity to the top of campaigns' priority list.

• This week, the New York Times reported that Salt Typhoon also targeted phones belonging to Eric Trump, Jared Kushner and Biden administration officials in its most recent campaign.

Catch up quick: The 2016 Russian hack and leak of the Democratic National Committee's emails kick-started conversations about how to properly secure a political campaign from government adversaries.

• Now, election and intelligence officials are facing a wider range of problems, including threats of website takedowns and phone hacking.
• Hackers have also started targeting tech vendors who provide services to political campaigns, Alissa Starzak, global head of public policy at Cloudflare, told Axios.

Between the lines: When any organization is hacked, its peers often worry they'll be next. The same is true for political campaigns, Starzak said.

• Cloudflare has seen some campaigns sign up for its free services offered to political campaigns after hearing about a website takedown impacting another entity, she added.
• Some customers have even upgraded their Cloudflare services after hearing about a distributed denial-of-service attack on another campaign.

The intrigue: High-profile election cyberattacks have focused the conversation and helped campaigns figure out what security tasks to prioritize, Masterson said.

• If they see a campaign's credentials were stolen, they know to prioritize implementing multifactor authentication, he added.

Yes, but: Getting campaigns to dedicate time to participate in a security training is still tough, Masterson said.

• "Every hour matters to a campaign," Masterson said. "But when they're there, man, they're dialed in and taking this seriously."

Reality check: Website takedowns and defacements, disinformation campaigns, and hack attempts are expected to escalate in the days leading up to Election Day.

• Both Cloudflare and Microsoft say they're able to rapidly respond to ongoing incidents or get a campaign access to their services quickly over the weekend.
• The AI Elections Accord — a pledge signed by 27 companies, including Microsoft, to mitigate safety issues tied to AI elections content — also has resources for reporting any deceptive uses of AI tools to various companies.

What's next: Campaigns will soon start winding down, and as they do, they'll need to take certain precautions to ensure their digital data isn't at risk, according to Defending Digital Campaigns, a nonprofit that connects cybersecurity vendors to campaigns.

• Storing passwords to key accounts in a shared password manager, deleting accounts tied to departing staffers, and securing a campaign website in between election cycles are good practices to consider.

AI-generated images of fake Americans sharing political endorsements have received more than 2 million likes, comments and shares on Facebook in the last four months, according to a report released yesterday.

Why it matters: Less than a week from the U.S. presidential election, AI-generated fake images, videos and audio are flooding the internet — and threat actors have been using these tools to spread election disinformation and propaganda.

Driving the news: The Center for Countering Digital Hate released a report yesterday detailing its findings from studying 169 AI-generated posts on Facebook.

• Each of the posts featured an image of a fake person, including those posing as military veterans, sharing right-leaning political views.
• These posts were shared more than 476,000 times between July 1 and Oct. 23.

Zoom in: In one post that was still on Facebook on Wednesday, a military veteran is seen holding a folded American flag with a message that reads, "Veterans deserve better than being second to student loans."

• That image had roughly 54,000 likes and 6,800 shares as of Wednesday.
• In a post that has been removed, an elderly female veteran is shown with the message, "They'll hate me for this, but learning English should be a requirement for U.S. citizenship!" The post had more than 128,000 reactions, and the initial wave of comments came from users who said they agreed with the post.
• However, the image of the elderly veteran failed to accurately replicate actual military ribbons, per the report. They weren't lined up properly, and the colors didn't correspond to any real military honors.

The intrigue: Meta, which owns Facebook and Instagram, never promised to label all AI content, but it has said it'll label what its systems detect as AI generated.

• Meta's policies toward labeling have evolved as AI-generated images have appeared on its network.
• During their study, Center for Countering Digital Hate researchers could not identify a clear way to report AI-generated content.
• Researchers verified posts were AI generated using tools from Hive.

Yes, but: Many of the posts linked in the center's report have already been removed.

• Users have flooded the comments on other posts to warn that the content is AI generated, noting that pins on uniforms aren't right or that a flag is folded incorrectly.
• According to Meta's earnings report this week, the company has 3.29 billion users across Facebook, Instagram and WhatsApp, so 2 million likes is a small percentage of users.

What they're saying: "This really comes down to the AI platforms' failure to come together effectively to protect our democracy by setting standards for transparency and accountability," Imran Ahmed, CEO of the Center for Countering Digital Hate, told Axios.

@ D.C.

🗳️ Election officials in battleground states, including Pennsylvania, Michigan and Arizona, are struggling to fact-check the conspiracy theories Elon Musk is spreading on X, formerly known as Twitter. (CNN)

🏛️ The Justice Department charged six people, including an employee at Rubrik, with conspiring to defraud government agencies in an elaborate IT contract scheme. (Nextgov)

@ Industry

📆 Microsoft is once again delaying the rollout of its Recall feature on AI PCs, which it had planned to release to Windows testers in October. (The Verge)

💰 A year after Broadcom's purchase of VMware, some customers say that prices have more than tripled and that they're pursuing alternative security solutions. (Ars Technica)

🧳 UnitedHealth has hired Tim McKnight as its new chief information security officer, eight months after the devastating ransomware attack on Change Healthcare. (The Record)

@ Hackers and hacks

⚠️ The Colorado secretary of state's office confirmed that partial passwords to the state's voting systems were recently exposed on its website. (CBS News)

💪🏻 Sophos, a popular firewall vendor, details its five-year battle to keep a network of China-based hackers out of its technology. (Wired)

📈 2024 is on track to be another record-breaking year for ransomware attacks. (TechCrunch)

🎤 ICYMI: The Chainsmokers are now cyber investors — and they draw an eager crowd at tech conferences!

• I got to see them speak at TechCrunch Disrupt in San Francisco this week about how they got into this space and their ongoing investment philosophy.
• 🤳🏻 But truly ... I had never seen a crowd actually rush a stage like this audience did to get selfies with the panelists. This town!