The 2016 U.S. Presidential Election is a global phenomenon. But candidates aren’t the only ones vying to connect with the people. Behind the scenes, stealthy cybercriminals are immersing themselves in the political banter, gathering information and intel to drive their own criminal agendas. What exactly motivates a cyberattacker to take advantage of elections?
- Traditional cybercrime: The primary motive behind a cybercrime or attack is financial gain and is carried out by leveraging stolen data. Security reporter Brian Krebs has published several excellent articles on how cybercriminals monetize stolen data. This is exactly the type of data being asked for during the election time period by a number of interest groups.
- Cyber hacktivism: Hacktivist-driven attacks are motivated by ideological differences. The goal here is not financial gain. Rather, hacktivists focus largely on persuasion or dissuasion to shift, stop or silence a political group or message.
The election also presents a unique opportunity for cybercriminals to tailor their attack methods, based on political campaigns, platforms and candidates. Employing manipulative social engineering lures, cybercriminals often target the weakest link in a security system – the users – to accomplish their politically fueled goals.
Common social engineering tactics that today’s stealthy cybercriminals use include ransomware, phishing, spear phishing, watering hole attacks, social networking attacks and more. Here are some ways an attacker might use social engineering based on political interest to trick a user into granting unlawful network access:
- Via email or Twitter, by sending a direct message claiming the recipient has won a prize in return for signing a political petition; recipient must provide credit card information to receive the gift.
- Unrequested emails prompting password changes or updates to private political groups on the internet or social media channels.
- Attempt to convince the recipient to open an email attachment that contains malware by claiming the attachment contains critical information pertaining to his or her favored political party.
- Via an email message that claims there is a problem with one of the political groups he or she belongs to on Facebook, which can include a link to a mock web page where login credentials are required to resolve the issue. The fake site delivers the information directly to the cybercriminal to use or distribute as needed.
The digital political arena is rife with malicious cybercriminal activity, and the commitment and level of sophistication will only continue to rise. So just what can you do to protect your valuable data and prevent falling victim to these stealthy attempts?
Don’t Get Phished
Following are five best practices to protect yourself from stealthy phishing and other social engineering attempts:
- Think before you click. Never click embedded links within an email, especially if you aren’t absolutely certain of the sender’s authenticity. Although a URL in an email may look authentic, oftentimes, cybercriminals mask the true destination. Instead, open a new browser window and type the URL directly into the address bar to confirm the address.
- Watch out for scare tactics. Phishers often employ scare tactics, threatening to disable an account or delay services until new or updated information is provided. Don’t fall for it. Legitimate organizations, particularly those in the political and financial markets, will never request sensitive information via email.
- Ignore unprofessional emails. Emails containing noticeable levels of typos and misspellings are often telltale signs of a phishing attempt. Similarly, fraudulent emails are often personalized and addressed directly to the individual; while real, authentic emails from political groups, financial organizations or other similar businesses, will typically reference the specific details of a given transaction or account.
- Go directly to the source. Always be wary of emails requesting confidential information, particularly requests leveraging an embedded form. (Forms allow malicious senders to track all information entered.) If you do receive an email of this kind, open a new browser window and go directly to the intended source, or pick up the phone and verify the request.
- Beef up security. Block these attempts from ever entering the network in the first place with an automated, prevention-first, platform approach to cybersecurity.
In cybersecurity, especially in the political context, architecture matters. With the right architecture in place, political teams or organizations – security architects, network admins, executives and board members – should work together to ensure individuals, employees and political allies understand they are active targets for cyberattacks and set expectations for secure behavior, policy compliance, and follow-through with frequent and recurring communications.
To learn more about cybersecurity best practices and how Palo Alto Networks Next-Generation Security Platform can prevent successful security breaches and keep your mission-critical data protected, visit the Palo Alto Networks website.
Rock the Vote!
~Stephanie (@Stephyjay23)