Symantec is the latest private security company to offer its expertise to vulnerable political targets on the house. Today the company announced that it would extend its “Project Dolphin” service (dolphins eat phish, get it?) to political campaigns, candidates and election officials, all “prime target[s] for malicious actors seeking to influence the outcome of the upcoming U.S. midterm elections.” The service allows for anyone to run a check on their own website to make sure no illegitimate or “spoofed” versions of it are floating around and luring unsuspecting victims.
Individuals in those qualifying groups can sign up for free for Project Dolphin, Symantec’s AI-powered system that scans for and notifies users of illegitimate websites pretending to be the real thing — just one flavor of the common hacking technique called “spoofing.” Through spoofed sites, much like spoofed email accounts, hackers can steal login credentials and other sensitive data and wreak whatever kind of havoc they want, much like they did with the DNC prior to the 2016 US presidential election.
The company will also offer some educational services on a new dedicated election security site, including best practice for poll workers and election officials, anti-tampering training, and an election security news hub.
Whether the intended audience for these materials and services will actually take note of them remains to be seen, but cobbling together election security guides now could help smooth the path to more secure elections by 2020.
“The issues that plagued the 2016 election are still prevalent today and are likely to continue to persist through the midterm elections, into 2020, and into elections globally,” Symantec CEO Greg Clark said.
“It is important for all parties, public and private, to contribute to protecting the security and integrity of our elections and democracy.”
While it’s quite late to the game — at least for 2018 midterms — Symantec joins a number of security companies that have extended free or deeply discounted services to candidates and election bodies, including Cloudflare, Valimail and Synack.