Defending the 2018 Midterm Elections from Foreign Adversaries

Presented at DEF CON 26 (2018), Aug. 12, 2018, 10 a.m. (45 minutes)

Election Buster is an open source tool created in 2014 to identify malicious domains masquerading as candidate webpages and voter registration systems. During 2016, fake domains were used to compromise credentials of a Democratic National Committee (DNC) IT services company, and foreign adversaries probed voter registration systems. The tool now cross-checks domain information against open source threat intelligence feeds, and uses a semi-autonomous scheme for identifying phundraising and false flag sites via ensembled data mining and deep learning techniques. We identified Russian nationals registering fake campaign sites, candidates deploying defensive-and offensive-measures against their opponents, and candidates unintentionally exposing sensitive PII to the public. This talk provides an analysis of our 2016 Presidential Election data, and all data recently collected during the 2018 midterm elections. The talk also details technological and procedural measures that government offices and campaigns can use to defend themselves.

Presenters:

• Kevin Franklin - Hacker
  Kevin Franklin has several decades of technology experience in big data. He possesses an undergraduate degree in Engineering from Mississippi State University and a masters degree in Computer Science from Southern Polytechnic University.
• Joshua M Franklin - Hacker
  Joshua Franklin has over a decade of experience working with election technology, and is a security engineer at the National Institute of Standards and Technology (NIST) focusing on cellular and electronic voting security. Prior to NIST, Joshua worked at the U.S. Election Assistance Commission gathering hands-on experience with a variety of voting technologies. Joshua managed federal certification efforts and alongside election officials, labs, and manufacturers across the United States. Joshua recently co-chaired the Election Cybersecurity Working Group, and was the principal author for the security portions of the next generation of federal voting system standards.

Links:

• https://defcon.org/html/defcon-26/dc-26-speakers.html#Franklin
• https://infocon.org/cons/DEF CON/DEF CON 26/DEF CON 26 video and slides/DEF CON 26 - Franklin and Franklin - Defending the 2018 Midterm Elections from Foreign Adversaries.mp4
• https://infocon.org/cons/DEF CON/DEF CON 26/DEF CON 26 video and slides/DEF CON 26 - Franklin and Franklin - Defending the 2018 Midterm Elections from Foreign Adversaries.srt (subtitles)
• https://www.youtube.com/watch?v=711YmI_hrVs

Similar Presentations:

• Still Hacking Anyway (SHA2017) / Ask your candidates and let everyone know about it: How to make use of democratic elections for your own purpose
• DEF CON 26 (2018) / Securing our Nation's Election Infrastructure
• BSidesDC 2015 / Defending Election Campaigns from Cyberspace