William Jackson | Online campaigning: One more ugly side of politics
- By William Jackson
- Nov 12, 2007
The Internet is being used by candidates in the 2008 election cycle to an extent not seen before in politics, and not always to the good.
Longshot Republican presidential candidate Rep. Ron Paul of Texas, whose campaign has gained something of a cult following due in large part to its Internet presence and the enthusiasm of bloggers, opened a lot of eyes by raising more than $4 million in 24 hours on Nov. 5. Some 36,000 contributers gave an average of $103 each to the online fund-raising site. This good news was tempered several days later when Dallas-Fort Worth TV station KTVT reported that thieves apparently had used stolen credit card numbers to make $5 donations to Paul's campaign.
The numbers apparently had been stolen from a bank, which refunded the money to 100 customers and canceled some 500 cards that had been compromised. The campaign told CBS News that it was refunding about $3,000 that had been contributed via the stolen numbers. For the record, a campaign spokesman said, 'Ron Paul does not have anything to do with this.'
There is no indication Paul did have anything to do with it. It probably was an effort by thieves to validate their stolen account numbers.
'This is not new,' said Oliver Friedrichs, director of emerging technology at Symantec Security Response. 'We've seen it in the past on charity Web sites.'
Still, this has got to be an embarrassment that no candidate needs. But with all 19 major presidential candidates hosting official Web sites, they already are being subjected to cyber embarrassments. Friedrichs has contributed a chapter on cybercrime and the electoral system to the upcoming book 'Crimeware,' to be published by Symantec Press and Addison-Wesley Professional.
'Some of these attacks, including those involving the diversion of online campaign donations, have the potential to threaten voters' faith in our electoral system,' he writes.
Although donations from stolen accounts are not new, 'I don't think we've seen this with a campaign before,' he said in an interview. 'But we did predict something like this would happen.'
The problems date back at least three years. 'We have seen a number of attacks against campaigns,' he said. Two different phishing attacks were reported against the Kerry-Edwards campaign in 2004, one fraudulently soliciting contributions, and the other directing supporters to call a phone number for which they would be charged. Two years later, Joe Lieberman's campaign site underwent a denial-of-service attack. 'That attack took him offline.'
Problems in the current campaign season are only beginning, according to research Friedrichs has done on phony Web sites. He looked at two types of common fraudulent URLs: Typos of legitimate sites, and cousins, which are variations of a site name.
'A large number of both typo and cousin domain names have been registered by parties other than the candidate's own campaign,' he writes in 'Crimeware.' 'In analyzing our results, we found that many of the registered Web sites are registered for the purpose of driving traffic to advertising Web sites. Secondly, we see that candidates have not done a good job at protecting themselves by proactively registering typo domains to eliminate potential abuse.'
Friedrichs found 242 registered typo domains and 2,287 registered cousin domains. Not surprisingly, the front-running candidates were the most frequently targeted. There were 58 Hillary Clinton typo sites registered, and 52 for Barack Obama. There were 566 Clinton cousin domains registered, and 337 Obama cousins. (And no, none of those cousins were Dick Cheney.) Paul came in third on the cousin list with 276 phony domains registered.
Some of the phony sites direct visitors to legitimate sites, some serve up advertisements and some are politically malicious. Any of them could be used to upload malicious code to an unsuspecting visitor or solicit contributions.
So, 'tis the season to beware: candidates and voters, solicitors and contributors.
William Jackson is freelance writer and the author of the CyberEye blog.