Malicious code infection represents one of the most concerning potential online threats to voters, candidates and campaign officials. With malicious tools that monitor user behavior, steal user data, redirect browsers and deliver misinformation, malicious code targeted at voters has the potential to cause damage, confusion and loss of confidence in the election process itself. By placing keyloggers or Trojans on a user’s system, a cyber criminal could hold the user’s data hostage until a fee is paid to release it; such threats have already surfaced and been leveraged in the larger Internet user community. In addition, a carefully placed targeted keylogger might potentially result in the monitoring of all communications from an individual, including the candidate, campaign manager and other key personnel.

Denial-of-service attacks, which make a computer network or website unavailable and therefore unusable, have become increasingly common on the Internet today. In May 2007, one such attack was launched against the country of Estonia by Russian patriots who disabled numerous key government systems over the course of several weeks. Regardless of the motivation of such attacks or their geographic setting, in an election process they could potentially prevent voters from reaching campaign websites and impede campaign officials from communicating with voters.


In fact, the security of a campaign’s website plays a role in how much faith voters have in the election process. Yet, these websites can also be hacked so that attackers can post misinformation or deploy malicious code to unsuspecting visitors. Attempts to deceive voters through the spread of misinformation using traditional forms of communication are not new. Past campaigns have aimed at intimidating minorities and individuals with criminal records, announced erroneous voting dates and introduced other tactics to create voter confusion. Such activities lend themselves to the Internet because of the ease with which they can be conducted by a single attacker rather than an organized group.

As campaigns increasingly look to the Internet as a tool for gathering support, the inherent risks that follow must also be considered. From domain name abuses to phishing, hacking and other security threats, the risks of online advocacy must be understood by election campaigns so that the necessary precautions can be put in place to protect against them. By keeping a vigilant watch on cyber activities, candidates, their campaigns and voters can help maintain a dynamic yet reliable election process.