Everyone from Members of Congress to the voter on the street wants to know whether election security has improved. Former Facebook security chief Alex Stamos has an answer – in a recent interview he said that the U.S. is not in “much better shape in 2018 than we were in 2016.”
While this bleak assessment is yet another grim reminder of the threats and challenges that are out there, election officials need more than just gloom and doom. They need workable and scalable solutions.
An unlikely place to find a glimmer of hope is the recent hack against the Democratic National Committee (DNC) – which turned out to be a red-teaming exercise conducted by a third party. In addition, the fact that this “attack” was detected early suggests that there are some practical solutions state and election officials can leverage to improve their security.
In this particular incident, the DNC’s security team identified a phishing attack launched using a spoofed website. In these types of attacks, victims receive a fake email from a trusted source containing a link to a malicious website. The target will then visit that website, enter their credentials, and lose control of their information – in other cases, malicious spyware gets downloaded to their machines. These sites look and feel legitimate but in reality are serious traps.
This attack vector is not new or unique. Symantec’s Project Dolphin, which is designed to detect phishing sites similar to the one involved in the DNC incident, uses machine learning and advanced image analysis to identify phishing sites and block access to them across endpoints, email, and other related systems. Earlier this year, Project Dolphin detected and blocked its 1 millionth phishing site.
What makes the 1 million number so significant is that these attacks are not random automated attacks but rather are crafted to target particular organizations. It’s also why election officials need to pay attention. Each month Project Dolphin continues to identify and block thousands of new attacks, and we expect this pace to only pick up as the elections draw nearer.
Although some critics pilloried the DNC over the incident—no one told the security team that it was a test—the fact is they detected and countered a sophisticated attack in a timely manner. That the security team was unaware of the test only makes it more of a real-world live-fire exercise. As we’ve seen from numerous other incidents, not all organizations are so prepared. In other words: Job well done.
Election security officials around the country need to take heed of this and take similar measures to shore up their defenses. The tools exist for them to protect themselves now. They just need to take advantage of them. Forewarned is forearmed.