Thursday, November 6, 2008

US Election over but more Security lessons to learn

As the US election comes to an end,with Barack Obama being the first black president of United States, there are some interesting things that we can learn from this election.

Months before the election, there were already many concerns on the electronic voting machines. There were reports on "flipping votes" (marking a vote for a different candidate than the one selected) and interface that was misleading, which worried the security experts. These had lead to the push for better checks and audit on those voting machines.

The advises that were given to the voters were to double-check on their votes. When in doubt, not to be afraid to ask for help during the voting.

Beside the problem with the voting machines, there were also reports on ways or "dirty tricks" used to influence the result of the election. There were reports of automated phone calls, sms, email or even flyers intended to convince the receiver that they should vote the day after the election, or providing false polling venue so that they will miss the voting day and their chance to support the candidates (useful on those states that pro their opposition).

- An example of those email:
From: Office of the Provost
Subject: Election Day Update

To the Mason Community:

Please note that election day has been moved to November 5th. We apologize for any inconvenience this may cause you.

Peter N. Stearns

- End of email

- An example of those SMS:
"Due to long lines if you are voting for Barack Obama you can vote tomorrow"

"Due to long lines, all Obama voters are asked to vote tomorrow".
- End of SMS

While some trying to influence the election results, others were using this election to send out malwares. Emails that were claiming to contains Obama's speech or interview were found to be spamming over the Internet. Video or download links will lead users to download the malware while trying to click on the speech or interview.

Currently the malwares that were found from those email were a keylogger that will sends the stolen keystrokes to the Ukraine and a trojan downloader that will automatically download more malwares into your system.

- An example of those email
Subject: Barack Obama wins

Barack Obama Elected 44th President of United States

Barack Obama, unknown to most Americans just four years ago, will become the 44th president and the first African-American president of the United States.
Watch His amazing speech at November 5!

Proceed to the election results news page>>

2008 American Government Official Website
This site delivers information about current U.S. Foreign policy and about American life and culture.
- End of email
Spoofed Email of Obama's Speech

Every election is not as simple as what we think. There are always someone who is trying ways to manipulate the results, trying to make use of the situation for their own benefit. Just don't blindly focus on the results. Be mindful of others that is taking advantage of the situation.

Related Articles:
- Concerns continue to shadow e-voting (Security Focus)

Election Hoax Sent Via D.C. Based E-Campaign Group

- US Presidential Malware - Barack Obama Interview Lure (WebSense Alerts)

No comments: