thotcon 0x6 talk - hacking citizens united. or, creative use of ransomware
TRANSCRIPT
Billions of Dollars Raised…
Barack Obama Mitt Romney
• Campaign: $738m • Democratic Party: $290m • Priorities USA Action PAC: $ 79m
• Campaign: $483m • Republican Party: $390m • Restore Our Future PAC: $154m
Total: $1.107 billion Total: $1.027 billion
All data obtained from the FEC
And Billions Spent
Barack Obama Mitt Romney
• Campaign: $737m • Democratic Party: $292m • Priorities USA Action PAC: $ 65m
• Campaign: $483m • Republican Party: $386m • Restore Our Future PAC: $147m
Total: $1.094 billion Total: $1.016 billion
All data obtained from the FEC
The price of a vote, and voterAs of the 2010 Census, there were about
210,800,000 registered voters.
Number of Received Votes per candidate:
Obama Romney
65,455,010 votes 60,771,703 votes
$5.19 expendedper registered voter
$4.82 expendedper registered voter
Cost of each vote:$16.714
Cost of each vote:$16.718
Electoral R.O.I.
Raised Money
Mitt Romney7.23% Less than Obama
Spent Money 7.13% Less than Obama
Votes Received 7.16% Less than Obama
Cost per Vote 0.024% More than Obama
1:1 correlation
1:1 correlation
With a 1:1 correlation regarding the total campaign fundraising, spending and votes received, elections have
become the equivalent of a horserace for billionaires.
The more their candidate can outspend the other, the higher the possibility they will win.
But if the other candidate also has donors with deep pockets, then the election can become a race to
bankruptcy
Is there a better (and cheaper) way to influence voters or get votes?
This is where I have to say: In no way do I condone, or promote these methods described here after…
Voter Fraud
• Voter Impersonation • Absentee Ballots • Registration Fraud
2068 cases between 2000 and 2012
http://votingrights.news21.com/article/election-fraud/index.html
10 cases491 cases400 cases
74 cases of felons voting56 cases of non citizens voting
How about the voting machines?
• Dozens of manufacturers and models
• Identifying which models are used by which districts
• Getting access to the machines (either physical or remote)
• Identifying vulnerabilities in each machine’s software
Voter IntimidationOr, I have an offer that you cannot refuse…
In Italy, local mobsters offered money in return for voting for their backed candidates. To make sure that voters voted correctly, they required them to take a photo of
their ballots as proof.
In 2008, Italy banned any recording devices in polling locations
In certain States it is illegal to take photos or film at polling locations. But not in Illinois*.
http://www.dmlp.org/state-law-documenting-vote-2012
Scaling? Works on a town, but a country?
• Take something that is of high value to a person, and threaten them.
• Ransomware is built around this idea.
• Voter intimidation works similarly to the “carrot and the stick” methodology.
Distribution
Geographically indexed email lists
Political emails with attachments insulting candidates
False Facebook profiles to access open and closed groups
Botnet rental for spamming: $200-$500 per 1M emails
Infection Rate?
Infection rate varies over time as with every piece of malware distributed online. The distribution campaign
more than randomized spamming, should work similarly to a spear phishing campaign.
The more extreme the political position of the recipient, the higher the possibility that they will open the attachment, and forward it to their colleagues.
YOUR COMPUTER HAS BEEN LOCKED!
This computer is under the control of ISIS
To have your files returned to you, you must vote for [CANDIDATE] in your election.
Post an image of your ballot on social media and the number below and we will find your computer and unlock it. Use
#cryptoelection to help us identify your message.
882cfe7d-f016-4db4-8f53-9c6b9d5267e5
YOUR COMPUTER HAS BEEN LOCKED!
This computer is under the control of North Korean Cyber Army
To have your files returned to you, you must vote for [CANDIDATE] in your election.
Post an image of your ballot on social media and the number below and we will find your computer and unlock it. Use
#cryptoelection to help us identify your message.
882cfe7d-f016-4db4-8f53-9c6b9d5267e5
YOUR COMPUTER HAS BEEN LOCKED!
This computer is under the control of Iranian Revolutionary Guard
To have your files returned to you, you must vote for [CANDIDATE] in your election.
Post an image of your ballot on social media and the number below and we will find your computer and unlock it. Use
#cryptoelection to help us identify your message.
882cfe7d-f016-4db4-8f53-9c6b9d5267e5
The Infection rate will never be large enough to forcibly
influence voters
But what about using this as a method to defame a candidate?
“Attack" timeline1 Year before election
1 month to 1 week before electionChoose a candidate to target, activate any
communication servers/chat rooms for malware
Start distribution and maintenance of malwareMalware remains dormant on infected PCs
1 week before electionMalware retrieves target information and activates
Objective of Campaign
Infect party extremists to incite rage or fear
Use social media to spread the news of such a targeted attack
Enter mainstream media news services
Candidate who is illegally “endorsed" by malware creator must respond and answer to such an event shortly before
election date.
Known problems in this talk
Only one point of reference for data (2012 election)
Data used is superficial at best
Speculation
Anyone interested in looking deeper into election funding or have more experience with the FEC?
Who I thank, and who you should blame for this talk
My first Security Oriented con was BSidesChicago (because I couldn’t get a Thotcon ticket in time)
Met @j0hnnyxm4s and @HackerHuntress there and got involved with Burbsec
Thanks to Burbsec members for hearing out my idea and suggesting I make a talk out of it!