Symantec is joining a growing list of tech companies attempting to tackle election security ahead of the midterm elections. Today, the cybersecurity company launched a free service that will let political candidates and campaigns monitor and test the authenticity of their websites.
“Symantec has been focused on election security for many years, but given the gravity of the current security landscape, we are compelled to raise awareness and make it easy for relevant parties to participate in ensuring the integrity of the upcoming election,” said Greg Clark, CEO, Symantec in a statement. “The issues that plagued the 2016 election are still prevalent today and are likely to continue to persist through the midterm elections, into 2020, and into elections globally. It is important for all parties, public and private, to contribute to protecting the security and integrity of our elections and democracy.”
Attracting unsuspecting users to fake websites that contain minor, undetectable differences from legitimate websites, is a popular technique that cybercriminals use to gather personal information, such as birth dates, email addresses, and voting preferences. That data can then be weaponized to influence behavior and attitudes, spread false information, or be harvested for cybercrime.
Users that sign up for the service can run their websites through Symantec’s spoof protection service. The AI-driven technology analyzes websites in Symantec’s existing telemetry and if it discovers a spoofed version of the legitimate site, the company will notify the organization with details.
The company has also launched an information portal designed to provide campaigns and field workers with best practices and resources on election security. The portal includes training videos for polling officials and workers to help them learn to spot and stop tampering efforts, as well as blogs containing analysis, tips, and information related to security for voters, election officials, and candidates. The site will also be aggregating election security news from around the web.
Symantec’s effort comes on the heels of an announcement from Microsoft last month that it had taken control of six domains and taken them offline as part of a security arrangement with US law enforcement. The sites were part of a Kremlin-backed election hacking project. The company says it plans to keep monitoring websites for potential hacking and will work with law enforcement to take other sites offline if necessary.
Microsoft has also launched a project called the Defending Democracy Program, wherein the company is monitoring websites and web traffic to political sites in order to ensure that campaigns aren’t subject to cyber manipulation and disinformation tactics. Microsoft is working with governments and courts around the world to share information about campaign hacking.