Software // Enterprise Applications
News
10/10/2007
05:33 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Cybercriminals Could Steal Elections, Security Researcher Warns

Risks include the dissemination of misinformation, fraud, phishing, malicious code, and the invasion of privacy, according to Symantec analysts.

According to the book, most of the typo sites appear to have been set up to earn ad dollars using the candidates' names rather than to place a particular person in office. It's also worth noting that some typo sites are satirical in nature and are thus constitutionally protected free speech rather than attempts to dupe or defraud voters.

Yet, Friedrichs cautions, extremists unaffiliated with a particular campaign might try to attack a campaign's opponents online. "What we have seen in the past is denial-of-service attacks against candidate Web sites," he said. "For example, in 2006, we saw attacks against the Joe Lieberman Web site, Joe2006.com, and that site was taken offline for some time. ... As a result, the e-mail system for the campaign was unavailable."

To date, there's no evidence to suggest that cybercriminals have altered the outcome of an election. "We have not seen an attack that has had a meaningful impact on the outcome of an election yet," explained Friedrichs.

But the impact of cybercrime on the electoral process need not be that severe to be troubling. "We do believe that tactics that we see in the physical world like voter intimidation and deception are likely to manifest themselves in the cyberworld as well," said Friedrichs.

One of the possible attacks that concerns Friedrichs is the diversion of funds. "For example, if I'm a phisher, I can set up a phishing site or a typo site and a victim coming to that site may believe he's contributing a donation to one particular candidate, but on the back end we can actually redirect that transaction to a completely different candidate. So essentially, the victim would be donating to their candidate's opponent. And that has the potential to really cause voters to lose faith in the online donation system as a whole."

All 17 of the 2008 presidential candidates researched by Symantec accept online donations, according to Friedrichs.

As to how such issues might be dealt with, Friedrichs doubts legislation will help. Laws like the Can-Spam Act, he said, haven't had a meaningful impact on the distribution of spam.

"There are already a number of countermeasures that campaigns can leverage," said Friedrichs. "What we find is that many of [the politicians], being relatively new to the Internet, really haven't become aware of the best practices they should be taking. One of the goals here is to raise awareness of those best practices."

Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.