Automation enabled by artificial intelligence has exposed political campaigns to high-tech vulnerabilities at a fast clip, changing the way the organizations need to protect sensitive data.
As the 2018 midterm elections approach, political campaigns have been fending off automated attacks. Those include phishing attacks, which attempt to get staff members to divulge their passwords, and password stuffing, a technique in which hackers recycle credentials harvested from other data breaches. (Login credentials are bought and sold on the dark web, then compiled into databases that hackers use to attack accounts.)
AI has sped up the attack process. The result: More political campaigns are at a greater risk of hacks that expose sensitive data.
Both Microsoft and Google are working to strengthen account security.
Microsoft’s Windows Hello feature allows users to log in with biometric authentication, like facial recognition or a thumbprint. Though not impossible, it’s difficult to replicate biometric ID, says Diana Kelley, Microsoft’s chief technology officer for cybersecurity issues.
“Facial recognition is more advanced” than a password, Kelley says, and it slows down the speed of attacks.
Google’s new Titan key is a fob device that authenticates your identity with minimal effort. It’s designed to reduce instances of phishing hacks.
Attacks are becoming much more targeted, says Mark Risher, Google’s director of product management for security and privacy.
“Status quo is that you … need to look carefully at the screen and make sure everything is perfect before you type in a username or password,” Risher said. “In the security key world, it verifies the software and has to prove itself to the key. Only when both of those things happen can authentication proceed.”
Risher hopes this will keep political campaigns safe from automated attacks this election season.
For more on how hackers may affect the upcoming midterm elections, read the full story on CBS News.
Campaign 2018: Election Hacking is a weekly series from CBS News and CNET about the cyberthreats and vulnerabilities of the 2018 midterm election.
READ MORE HERE