Episode 31 - Election Buster: Defending the 2018 Midterm Elections from Foreign Adversaries
How far did Russian meddling in the last election extend? What were some of the tactics employed to mislead and manipulate folks outside of the Facebook ads and Twitter trolling efforts extensively covered by the media? In this week's episode, our hosts talk with election systems expert, Joshua Franklin, and his discovery of foreign adversaries buying up domain names and redirecting them to phishing or pharmaceuticals sites. And we learn about his program designed to protect campaigns: Election Buster. Election Buster is an independent, open-source tool created to identify malicious domains disguising as candidate webpages and voter registration systems.
Joshua spoke at DEF CON 26 about technological and procedural measures our government officers and campaigns must take to defend themselves. Specifically, he recommends looking out for different typo squats web domains, which occurs when someone registers a website name that is very close to another person's website name, with the intention of stealing website traffic. Campaigns can protect themselves today with minimum protections like SSL (Secure Sockets Layer) and TLS (Transport Layer Security protocol) which are the building blocks of HTTPS. You can read his full presentation and recommendations here. He also has template suggestions you can use when you register your campaign website domain.
Joshua Franklin is a security engineer and has more than a decade of experience working with election technology. He is also an instructor of mobile and telecommunications security. Previously, Joshua worked at the U.S. Election Assistance Commission.
Want to learn more about Joshua and his suggestions for campaign security? You can follow him on twitter @thejoshpit, or send him an email at email@example.com.
Listeners, we want to hear from you! Have you ever typed in a candidate website and found yourself at a mis-typed web address? Are you double and triple checking web addresses before you hit “buy?” Have you seen sneaky instances of opposition altering web domains? Are you a victim of typosquatting? We want to know about it! Email us at podcast@ElectionU.com or leave a note in the comment section below.
You can listen to the show right here on the EU website or by subscribing in iTunes, Apple Podcasts, GooglePlay, Spotify, Stitcher, Soundcloud, iHeartRadio, and more! If you do subscribe, please leave us a rating and review. We love the feedback and we read every one! If you'd like to hear a particular topic on our podcast, please email firstname.lastname@example.org. As always, thanks for listening!