Symantec Launches Free Election Security Service
20.9.2018 securityweek IT
Symantec on Tuesday announced the launch of a new service that aims to make elections more secure by helping candidates and political organizations improve their security posture and detect fake websites.
With midterm elections coming up in the United States, tech companies and government agencies have launched various products and initiatives aimed at improving election security.
The threat is not just theoretical. Microsoft revealed last month that it had spotted and disrupted several election-related domains apparently set up by a Russia-linked threat actor.
Symantec has now also joined the list of companies offering election-related solutions with a free service. The main tool is Project Dolphin, an anti-phishing service that leverages Symantec technology and the cybersecurity firm’s massive telemetry to discover spoofed versions of legitimate websites.
According to the company, political candidates and campaigns can sign up and they will be notified if Symantec discovers a fake version of their website. While the service is targeted at political campaigns, it can be used for free by anyone interested in finding spoofed versions of their site.
Symantec told SecurityWeek that fake websites are identified based on domain names, page content or code stolen from the targeted site, and various other technologies and methods.
“Image analysis is particularly effective, using Deep Learning image recognition techniques to create a ‘fingerprint’ of the legitimate website which will then recognize it elsewhere on the internet,” Symantec explained. “The success of a phishing attack is dependent on the victim believing they are seeing a legitimate webpage. Attacks can’t look like and not look like the targeted page at the same time, so cybercriminals have their hands tied in trying to defeat this technology.”
The telemetry leveraged by Project Dolphin comes from a number of sources, including 2.4 billion emails and 1.8 billion web requests the company sees every day, and data collected from 175 million business and consumer endpoints. In addition, Symantec’s so-called “spiders” crawl the web to harvest telemetry on both good and bad sites.
The Dolphin Project is not the only resource available as part of the new election security service. Symantec also provides election security best practices for poll workers, voters and government officials; training videos on how to spot and block tampering attempts; aggregated news; and blogs containing analysis, tips and other relevant information.