Cyber crimes using business emails have cost more than $43 billion since 2016.

I suppose I am not shocking anyone by telling you that email has become a prime target for modern cyber criminals, who leverage it for everything from espionage, to data theft, to the spread of false information—even for sextortion.

The numbers are mind-blowing. Cyber criminals are estimated to send around 3.4 billion emails daily, cleverly disguised to appear as if they're from reliable sources. This amounts to more than one trillion phishing emails every year. It's a huge deal. Scams using business emails have cost over $43 billion since 2016, according to the FBI. But it's not just about losing money. These scams can ruin a company's good name, mess up how it works and even lead to important and secret ideas being stolen.

Advanced Protection Program (APP) is our strongest level of Google Account security and provides extra safeguards against common attacks like phishing, malware and fraudulent access to data. We developed APP for people at high risk of cyber attacks, like journalists, elected officials, political campaign staff and human rights workers.

Today, we’re making it even easier for high risk users to enroll and use the program by making passkeys available in APP. Users traditionally needed a physical security key for APP — now they can choose a passkey to secure their account.

Advanced Protection Program (APP) is our strongest level of Google Account security and provides extra safeguards against common attacks like phishing, malware and fraudulent access to data. We developed APP for people at high risk of cyber attacks, like journalists, elected officials, political campaign staff and human rights workers.

Michael Kaiser joins The Great Battlefield podcast to talk about his career in cybersecurity and how Defending Digital Campaigns works to protect campaigns from attacks by providing them with free resources and tools.

Cybersecurity plays a pivotal role in democratic campaigns and elections. To support their effective security and management, election campaigns and committees need access to the latest industry-leading security services and resources, regardless of their budget. That’s why Amazon Web Services (AWS) is continuing its collaboration with Defending Digital Campaigns (DDC) to offer more than 20 cybersecurity-related AWS services for low-to-no cost to all active and registered national party committees and federal candidate campaigns.

Beginning in 2020, AWS collaborated with DDC to provide essential security services and resources to eligible election campaigns, regardless of party affiliation. In 2022, AWS expanded the offering to include 20-plus services. Since then, AWS has continued to improve its offerings for this collaboration, ensuring election campaigns on both sides of the aisle have access to leading security services for the 2024 cycle.

WASHINGTON – As the 2024 election season begins, Defending Digital Campaigns (DDC), a nonprofit, non-partisan and non-aligned C4 organization that provides free or low-cost cybersecurity resources to political campaigns, yesterday co-hosted with Google the Campaign Security Summit: Protecting America’s Democracy in Cambridge, Mass. The summit was part of the Campaign Security Project in which Google and DDC host a series of regional summits for high-risk election-related stakeholders. 

Hackers send billions of emails every day hoping to trick people into revealing sensitive login credentials. Yubico’s YubiKeys lock down access credentials by making them impossible to transmit digitally. Every user carries a physical YubiKey fob that plugs into a computer to confirm their identity, eliminating annoying authentications that involve texts and mobile phones. “When you have a hardware-backed solution like ours, there‘s no way for someone else to use your credentials to get access to systems, because it's just in your pocket,” says CEO Mattias Danielsson. In 2023, Yubico started or expanded partnerships with Google, Apple, Microsoft, and more, and its enterprise clients drove net sales to $170 million, an 18% increase. With U.S. elections ahead in 2024, it is working with Defending Digital Campaigns, a U.S.-based nonpartisan nonprofit providing eligible political campaigns with resources to defend themselves, and democracy, from hackers.

Cybersecurity experts from around the country gathered at Google's Boulder campus this week for a summit focused on election threats.

Not only are there hundreds of races in Colorado, but half the world's population is casting ballots this year and at the same time advances in technology make it easier than ever for hacktivists to sow confusion, influence public perceptions and disrupt elections.

Cybersecurity scams continue to hit major corporations, health systems and even luxury goods consumers. A dearth of recent headlines about the campaign industry would seem to indicate that consultants have been relatively unscathed by these online threats.

Sure, there are cases of cybersecurity breaches that have been exposed publicly in the campaign industry, but they’re few and far between.

But those high-profile cases may just be the tip of the iceberg. The reality is that many more firms in the industry may have suffered breaches without disclosing them publicly, according to one cybersecurity expert.

MAY 9, 2024, WASHINGTON – As the 2024 election season begins, Defending Digital Campaigns (DDC), a nonprofit, non-partisan and non-aligned C4 organization that provides free or low-cost cybersecurity resources to political campaigns, announced today that it will co-host with Google the Campaign Security Summit: Protecting America’s Democracy in Boulder, Colorado. Colorado Secretary of State Jena Griswold, who has overseen eight statewide elections, will provide opening remarks, and George P. Bush, former Texas Land Commissioner, will be joining a panel. Scheduled to take place on May 16, the summit is part of the Campaign Security Project in which Google and DDC are hosting a series of regional summits for high-risk election-related stakeholders. 

When it comes to online election risks, leaders of Georgia’s Republican and Democratic parties agreed that candidates need to be on high alert against the dangers of hacks and misinformation.

Candidates should protect themselves from cybersecurity threats and viral falsehoods, party officials told a crowd of industry experts Tuesday at an Atlanta event sponsored by Google and a nonprofit it supports called Defending Digital Campaigns.

WASHINGTON, March 19, 2024 /PRNewswire/ -- In preparation for a historic year of elections, Defending Digital Campaigns (DDC), a nonprofit, non-partisan and non-aligned C4 organization which provides free or low-cost cybersecurity resources to election campaigns, announced today that it has received approval from the Georgia Ethics Commission to provide its free cybersecurity tools and training to campaigns at every level in the state. Under separate approval from the Federal Election Commission (FEC), DDC is already able to provide these tools to state parties and candidates running for federal office.

Go passwordless and stop attacks with the best-in-class security keys that can store up to 250 unique passkeys, and learn about our 2024 commitment of 100,000 keys to global high risk users.

During today’s Aspen Cyber Summit in New York City, we rolled out the latest version of our Titan Security Key — now available on the Google Store. Throughout 2024, we’ll also begin distributing 100,000 of these new security keys at no cost to global high risk users alongside our industry partners.

Google is distributing another 100,000 free pieces of security hardware to protect people involved in high-risk industries.

Google’s Titan Security Keys work as a “second factor” that can be used after passwords are entered. They can also store passkeys — which let users sign in to apps and sites the same way they unlock their devices: with a fingerprint, a face scan or a screen lock PIN.

With Titan Security Keys, users can store passkeys for accounts beyond Google, including Microsoft. It uses FIDO2 technology, a security standard for authentication on the web.

Political campaigns are ramping up their protections, worrying the next in a rising number of ransomware attacks could target them.

Cyber criminals have gone after an ever-increasing number of targets, from Colonial Pipeline to JBS USA. And political campaigns are painfully familiar with risks after the 2016 attacks on the Democratic National Committee (DNC).

“I think we have already seen Armageddon in what happened in 2016 at the DNC,” said Jesse Thomas, senior director of impact and mobilization of the Democratic firm Bully Pulpit Interactive.

Google announced Tuesday it is expanding its efforts around election security by providing free training to state and federal campaigns in all 50 states.

The company detailed the effort in a blog post, saying it will involve supporting nonpartisan virtual cybersecurity trainings for state and federal campaigns across the country and deploying a digital “help desk” to answer security-related questions for campaigns.

The new effort marks an expansion of Google’s work with the nonprofit group Defending Digital Campaigns (DDC), which provides free or low-cost security services to campaigns to help defend against malicious hackers.

Last year at the start of the U.S. 2020 election season, we announced our collaboration with Defending Digital Campaigns (DDC), a nonprofit and nonpartisan organization, to give any eligible Federal campaign access to free Titan Security Keys—the strongest form of two-factor authentication. This collaboration is a part of our Advanced Protection Program, which protects high-risk individuals who have access to high visibility and sensitive information, such as election officials, campaigns, activists and journalists. In the lead up to the 2020 elections, DDC distributed more than 10,000 Titan Security key bundles to more than 140 U.S. Federal campaigns.

Google is expanding its election security efforts to include support for state-level campaigns ahead of the 2022 midterm elections, FOX Business has learned.

Google, as part of the worldwide annual Safer Internet Day, also announced it is partnering with the National Cybersecurity Center to provide training for state leaders.

Google noted that it made it “a priority to equip campaigns with tools they need to strengthen their own security, protect themselves against digital attacks and reach voters” during the 2020 election cycle.

It appears that this year’s presidential election campaigns avoided the sorts of cyberattacks that played out in 2016. No emails leaked this time — not yet, anyway.

The outcome could highlight an opportunity in the already-lively security market. CrowdStrike and Zscaler have seen their stocks appreciate more than 200% this year.

One thing that changed in the past four years: Politicians, campaign workers and their friends and family members started counting on little USB sticks to securely log in to email accounts and other online services. Google sells these widgets, known as physical security keys, as do smaller companies such as GoTrust, TrustKey and Yubico.

Google worked with a nonprofit called Defending Digital Campaigns to give out more than 10,500 kits containing physical security keys, the company said in a blog post on Dec. 9. The Federal Election Commission authorized the nonprofit to distribute cybersecurity products to campaigns for free or discounted prices, meaning campaigns wouldn’t have to worry about money if they wanted to boost security. Microsoft also works with the nonprofit.

As the 2020 presidential election nears, the U.S. populace is as divided as it has been in a long time – and the tempestuous climate could lead to a surge in activity among hacktivists seeking to make a statement.

Just this week, Reuters reported that hackers are testing the defenses of President Donald Trump’s campaign and business websites, possibly as a precursor to a future attack intended to take the sites offline. Access to several sites was reportedly already disrupted for short bursts of time from March 15 through June 6.

But this could just be the start of a wave of new hacktivism incidents that sabotage the websites or networks of political bodies, and perhaps businesses that take a controversial political stance.

“Given the current climate in the U.S. and the amount of activism going on, I think it’s fair to assume that hacktivism activity would parallel community-level activities, since the web is just an extension of activities in real life,” said Michael Kaiser, president and CEO of Defending Digital Campaigns, and former executive director of the National Cyber Security Alliance. “I fully expect disrupting a campaign, person or organization viewed as an opponent — in order to convey a message or do greater harm — would be part of the hacktivism playbook.”

[excerpt] President Trump signed an executive order to protect the power grid from hackers last week, but experts warn that the 2020 campaign cycle has already suffered cyberattacks.

Elections large and small are looming in an increasingly work-from-home and social-distancing environment, one that has forced many campaigns (like most Americans) to conduct their day-to-day operations remotely. That has created a perfect opportunity for bad actors online, experts warn, and it could pose an unprecedented threat to the integrity of the U.S. elections…(continue)