Cybercriminals may have weighed risk and reward and figured that the first isn't worth the second if they try to exploit the 2008 US presidential campaign, a security researcher at Symantec said.
At least for now.
"We've now seen just two instances of spam using political candidates to spread malicious code," said Oliver Friedrichs, director of Symantec's security response team and a writer on electoral cybercrime. "I think [hackers] are still a little skittish. The high visibility of the federal elections makes them cautious about stepping into it."
Earlier this week, researchers at both Symantec and McAfee reported a spam run that tried to trick users into downloading a Trojan horse posing as a video of Sen. Hillary Clinton supposedly shot before Tuesday's Virginia primary vote. "Hilary [sic] Clinton visited her campaign headquarters in Virginia and did satellite interviews, looking beyond Tuesday's trio of contests and touting the importance of a March 4 vote in Ohio," the bogus e-mail read. "Full video. Download it now!"
Users who clicked the embedded link, however, were faced with a file pegged "mpg.exe." That file was actually a downloader, which in turn retrieved and installed the "Srizbi" Trojan horse -- malware that turns Windows-running PCs into spam-spewing bots.
The other example of what Friedrichs has called "electoral cybercrime" was a late-October 2007 spam blast ostensibly promoting Congressman Ron Paul and his campaign for the Republican Party nomination. More than a month after that attack, which had links to the Srizbi Trojan horse like the Clinton one this week, researchers at SecureWorks linked the spam to a Ukrainian botnet.
McAfee researcher Alex Hinchliffe drew a line between this week's Clinton spam and the Russian Business Network, a notorious hacker and malware hosting network once based in Russia.
Although Friedrichs had speculated last year that the 2008 presidential campaign would see an increase in electoral attacks -- especially phishing attacks -- over the number that occurred in 2004, when there were just two reported cases, that hasn't happened yet.
Friedrichs offered a possible explanation. "The scale of an election is such that any potential disruption will clearly gather all the strength of all law enforcement," he said.
"But they haven't been afraid of phishing charities," Friedrichs said, citing the aggressive identity-theft attacks that exploited the aftereffects of Hurricane Katrina. "Maybe it's just too early. Maybe we'll see more [phishing] after the primaries are over."
A lot of money will be at stake. The campaign of Senator Barack Obama raised US$28 million online in January alone, according to news reports.
"That's a substantial amount of money. And clearly any sense of conscience or caution [on the part of hackers] might just go out the window," said Friedrichs.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Zones provide focussed content from Computerworld and leading technology partners.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Virtual magic: HR specialist throws out 40 servers, adds 8TB SAN and saves $100,000 for disaster recovery 2008-12-01 15:28:00+11
Sybiz adds up for SMEs in downturn 2008-12-01 14:27:00+11
EXCOM scores back-to-back award trifecta 2008-12-01 10:46:00+11
Citect extends SCADA networks with mobility solutions 2008-12-01 09:48:00+11
Citect extends SCADA networks with mobility solutions 2008-12-01 09:48:00+11
How to Beef Up Your Sales Pipeline
Our economy may be heading towards a recession. Sales rates are dropping. Promotional campaigns are proving less effective than you would like. So how do you continue to grow your business and bring home the sales in such an environment? Download this white paper now to find the answers.
Buying Guides
Latest Products
