Symantec takes on election hacking by fighting copycat websites | Cyber Security
Latest breaking news on Cyber security
The feature could help take away an important weapon in thearsenal: the spoof website.
Lookalike websites could imitate official government sites and report false information about candidates or voting. What’s more, they’ve already been used to imitate a login page to trick campaign workers to enter their valuable usernames and passwords.
That approach, called phishing, was key to letting hackers gain access to the emails and internal documents of important Democratic Party organizations and key figures in Hillary Clinton’s 2016 presidential campaign, according to of the Russian hackers alleged to have stolen and leaked emails from the groups.
Symantec offers its tool — called SpoofProof — as election officials are trying to batten down the hatches for the 2018 midterm elections. Concerns over election hacking are increasing as experts say it’s too late to stop hackers in this election cycle, but there still may be hope for 2020. Symantec’s free tool won’t take on the problems of hackable voting machines or remove every hacking strategy from the table for well-funded hackers.
Still, there’s no denying phishing and spoofed websites are a big part of the problem. What’s more, phishing has proven one of the hardest cybersecurity problems to fight since the dawn of email, because hackers can create very convincing fakes, and because one mistake from a human being is all it takes to let hackers run amok. (The FTC suggests that you be cautious about following links in emails and that you use two-factor authentication to avoid letting hackers make your inbox their playground.)
Everyone slips up now and then, so tools like Symantec’s offering aim to take human error out of the equation.
With the new service, Symantec is repurposing a tool it already used for its paying customers and making it publicly available. SpoofProof takes images of legitimate websites and scans the internet looking for similar sites.
Campaigns, election officials or “anyone who thinks they could use that service” can register and have Symantec patrol for online poseurs, said Eric Chien, technical director of security response at Symantec.
Chien said Symantec will provide further assistance if the campaign or election official administering the spoofed website wants to buy their services after learning of a copycat. But that’s not the company’s main goal, he said.
“We’d be happy to help, but ultimately our goal is to notify the administrator,” Chien said. “It’s really, really free.”
The company also can tell organizations if there are telltale signs that the group imitating them is a known collection of hackers. That includes the group identified by US Intelligence agencies to be Russian intelligence agency GRU, called Sofacy by Symantec and a slew of other names by the company’s competitors. (Crowdstrike, the cybersecurity company that discovered the hackers on the Democratic National Committee’s systems in 2016, calls the hacking outfit Fancy Bear.)
“That group remains active, and we accumulate daily indicators of [their behavior],” Chien said.
Security: Stay up-to-date on the latest in breaches, hacks, fixes and all those cybersecurity issues that keep you up at night.
Blockchain Decoded: CNET looks at the tech powering bitcoin — and soon, too, a myriad services that will change your life.