
Research: Cybercrime and the Electoral System



Bugtraq readers,

This may be a little off-topic, but hopefully still of interest to this
audience.
 
Last Friday I had the opportunity to moderate a panel - Political
Phishing - A Threat to the 2008 Campaign? - held as part of the
Anti-Phishing Working Group eCrime Researchers Summit hosted by Carnegie
Mellon CyLab in Pittsburgh, PA. Our panelists were Rachna Dhamija from
Harvard University, Chris Soghoian from Indiana University, and Pat
Clarke of Jackson/Clark Partners. We had some great discussion on the
potential impact of Internet-borne threats to the upcoming US
Presidential Election.
 
I wanted to draw your attention to some new research that I conducted,
focusing on the impact of cyber threats on the electoral system, with
particular emphasis on the upcoming 2008 election.  You can find an
introduction and link to the paper on my blog, here:
 
http://www.symantec.com/enterprise/security_response/weblog/2007/10/cybercrime_politics.html
 
And the paper itself hosted here:
 
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/cybercrime-electoral-system.pdf
 
Some of the areas that we examined include:
 
Abuse of Candidates' Internet Domain Names and Typo Squatting - In order
to determine the current level of domain name speculation and typo
squatting in the 2008 federal U.S. election, we performed an analysis of
17 well known candidate domain names in order to seek out domain
speculators and typo squatters. Our results were interesting to say the
least. Candidates have not done a good job at protecting themselves.
Some of the examples of infringement are quite interesting and humorous.
 
Phishing - When considering the 2004 election as a whole, phishing
presented only a marginal risk. At the time, phishing itself was still
in its infancy, and had yet to grow into the epidemic that can be
observed today. When we revisit the potential risk of phishing to the
2008 federal election, we find ourselves in a much different position.
Candidates have flocked to the Internet in order to communicate with
constituents, as well as to raise campaign contributions online. We
performed an analysis of campaign web sites in order to determine to
what degree they allow contributions to be made online. The most
concerning attack may involve the diversion of online campaign donations
intended for one candidate, to another, entirely different candidate,
entirely undermining voter confidence in online donations.
 
Adware - There are a variety of ways in which adware may be used in
order to influence or manipulate users during the course of an election.
We discuss those in this chapter as well.
 
Spyware - Spyware poses a new risk to the mass accumulation of
election-related statistics used to track election trends. Spyware has
the ability to capture and record user behavior (including Web browsing,
party affiliation, online campaign contributions and email traffic)
without voters' knowledge or consent. This changes the landscape
dramatically when it comes to election-related data collection.
 
Keyloggers and Crimeware - Crimeware can collect personal, potentially
sensitive, or legally questionable information about individuals that
malicious actors can use either to intimidate voters or hold for ransom
to sway votes. A carefully placed, targeted key logger has the potential
to cause material damage to a candidate in the process of an election.
Such code may also be targeted towards campaign staff, family members,
or others who may be deemed material to the candidate's efforts. 
 
Campaign Web Site Security - The breach of a legitimate candidate's Web
site would allow an attacker to have direct control over all content
viewed by visitors to that site. This may allow for the posting of
misinformation, or worse, the deployment of malicious code to unsecured
visitors.
 
Public Voter Information Sources - The Federal Election Commission (FEC)
maintains a publicly available record of all campaign contributions. The
database contains contributors' personal information.
 
Intercepting Voice Communications - With the evolution of smart-phone
spyware, the infection of a candidate, campaign staff, or candidate's
family's cell phone with such a freely available application could have
dire consequences. Now, all back-room and hallway conversations partaken
by the candidate can be monitored at all times and intercepted by the
attacker. Worse, opinions that were perhaps not shared with the public
or outsiders are recorded and available for later playback, introducing
the potential for widespread exposure and damage.
 
Oliver