October 21, 2007
Cybercrimes may have occurred in recent elections. There have been frequent suspicions but no conclusive proof. Now it is possible that ever more sophisticated schemes may be used to skew election results. This should be required reading for all candidates and their staff. But the focus is usually more on creating a new direct-mail piece or tv commercial.
Hackers could skew US elections
- 13:38 09 October 2007
- NewScientist.com news service
- Jessica Marshall
The web may not deserve its reputation as a great democratic tool, security experts say. They predict voters will increasingly be targeted by internet-based dirty tricks campaigns, and that the perpetrators will find it easier to cover their tracks.
While politicians have been quick to embrace the internet as an enabler for democracy, established security threats like spam emails and botnets – collections of “zombie” computers remotely controlled by hackers – all open new avenues for fraudulent campaigning. So said experts at an e-crime summit at Carnegie Mellon University in Pittsburgh, Pennsylvania last week.
Dirty tricks are not new. On US election day in 2002, the lines of a “get-out-the-voters” phone campaign sponsored by the New Hampshire Democratic Party were clogged by prank calls. In the 2006 election, 14000 Latino voters in Orange County, California, received letters telling them it was illegal for immigrants to vote.
The harsh reality is that computers can do more untraceable damage to election campaigns — and most candidates and their high-priced consultants are oblivious to the threats and therefore do nothing to protect themselves from cybercrime. The article below focuses on federal elections but the same kinds of dirty tricks can impact any political campaign — from proverbial dogcatcher on up to those with aspirations of occupying the Oval Office. Some of these threats are so insidious that it would be hard to prove that they ever happened. But others like “typosquatting” should be addressed by every campaign that uses the internet.
Oliver Friedrichs of Symantec chaired a panel at last week’s APWG e-Crime Research Summit in Pittsburgh. He has now published much of his work in a chapter from the forthcoming “Crimeware” book.
Here is Oliver’s summary of what is covered:
Abuse of Candidates’ Internet Domain Names and Typo Squatting – In order
to determine the current level of domain name speculation and typo
squatting in the 2008 federal U.S. election, we performed an analysis of
17 well known candidate domain names in order to seek out domain
speculators and typo squatters. Our results were interesting to say the
least. Candidates have not done a good job at protecting themselves.
Some of the examples of infringement are quite interesting and humorous.