US voting data being traded on the dark web

Data on millions of US voters is being illegally traded on the dark web as the US is gearing up for the 2020 presidential election. The data could be used to attempt to influence voters.

The dark web is a part of the internet not searchable using normal means. It is encrypted and visible only through specialist web browsers that anonymise data transfers, and it is a thriving marketplace for illicit material.

Cybersecurity firm Trend Micro has analysed 600 dark web forums dealing in underground trading. The firm found that databases of US voter information, containing names, addresses and political affiliations, could be bought for $9.99 or less – a fraction of the going rate on the dark web of $26 for 1000 fake YouTube likes, which some people buy to boost their popularity on the video site.

Voter information is cheaper because clicking YouTube’s “like” button requires a human or a bot, which costs money,  and voter databases age and depreciate in value.

Information from other nations can cost more – the highest price Trend Micro saw was $400 for a Turkish voter database. That is because, unlike the US, most countries don’t publicly publish information about their voters.

In the US, some of this information is available for free at a state-wide level.  If it’s harder to obtain the information, they’re going to charge more.

Access to US voter registration lists varies by state.  Generally, political parties can view redacted versions of the lists for free, but other organisations or individuals must pay a fee or visit a local government office in person. That can make buying an electronic version on the dark web attractive.

There have been a number of high-profile hacks of voter data. In 2017, more than a terabyte of voter data, covering 62 per cent of the US population, was taken from an unsecured server operated by a firm called Deep Root Analytics. Rosario Fuentes says this data is being sold on the dark web. Deep Root Analytics declined to comment for this article.

The Philippines’s election commission and the Turkish government both had voter data breaches of around 50 million individuals each in 2016, and this data is also being traded, according to Trend Micro. The Philippines’s election commission and Turkey’s justice department didn’t respond to requests for comment.

“Citizens are worried that their country’s election can be interfered with,” says Rosario Fuentes. Recent votes, including the 2016 US presidential election and the UK Brexit referendum, have seen accusations of interference through the use of bots and other social media exploits.

The data being traded on the dark web could be used for this purpose. “If you have a database where you can in some way infer the ideology of someone, carrying out a disinformation campaign would be easier,” says Yevgeniy Golovchenko at the University of Copenhagen in Denmark.  (Chris Stokel-Walker, New Scientist, 20 June 2020)

My comment:  I have no doubt that the November election is going to be chaotic, to say the least, and I think we should fear for the future of the Constitution, which has served us well until now.  As a citizen one  shouldn’t have to worry about politics and the Constitution., but it’s hard not to be concerned.  This is not good for Epicurean peace of mind.