Hacking gets political
According to a recent report from Sophos, a new Web page infected with malicious code was discovered every five seconds in the first quarter of 2008. Unfortunately for Barack Obama's campaign managers, one of those Web sites apparently was theirs.
According to the Symantec Security Blog, the infection was reported shortly before the critical April 22 Democratic primary election in Pennsylvania. A post on the Obama campaign Web site included code to redirect visitors to Sen. Hillary Clinton's campaign site.
The hack appears to have been relatively benign ' although the folks in the Obama camp might not agree ' but the same vulnerabilities could be used to execute more malicious code or involuntarily direct visitors to a more malicious site. According to Symantec, someone probably posted code in a portion of the Web site that allows posting of public comments. Attempting to view that post could cause the browser to execute the command and be redirected.
The problem was quickly caught and corrected and, for the record, there is no indication that the Clinton campaign had anything to do with it.
The attacks are by no means unexpected. Oliver Friedrichs, director of emerging technology at Symantec Security Response, wrote a chapter on cybercrime and the electoral system in the book 'Crimeware,' published by Symantec Press and Addison- Wesley Professional. 'Every campaign is online today,' Friedrichs said at a conference earlier this year in Washington. 'Everyone uses e-mail, they have Web sites and they blog.'
Andy Warhol famously predicted that in the future everyone would be famous for 15 minutes.
He might not have been right about that, but with a new Web site hosting malicious code being discovered every five seconds, it is only a matter of time before every Web site gets to be compromised.
William Jackson is a senior writer of GCN and the author of the CyberEye blog.