As the U.S. midterm elections draw closer, Facebook announced today that it is rolling out a pilot program that U.S. political campaigns can enroll in to get additional security protections for their Pages and accounts.
In a blog post announcing the pilot, Facebook’s head of cybersecurity policy Nathaniel Gleicher wrote that the new pilot will be aimed at protecting not just candidates, but also their staffers.
“Due to the short-term nature of campaigns, we do not always know who these campaign-affiliated users are, making it harder to help protect them,” Gleicher wrote.
Campaign staffers are at just as much of risk of being hacked, if not more so, than their candidate. Nearly six months before the U.S. presidential election, for example, Hillary Clinton’s campaign chairman John Podesta had his email hacked, and his emails were released by Wikileaks.
With less than two months to go before the U.S. midterm elections, the number of hacking and phishing attempts campaigns face will surely increase, though they have likely already been at risk for months.
Candidates for federal and state offices, as well as the staffers of federal and state political party committees, are eligible to enroll in the program. In order to be considered, campaign managers have to fill out a form indicating who they work for and what the campaign’s official Facebook page is, and provide a photo of a government-issued ID, among other information. A Facebook official also told VentureBeat that once someone is accepted into the program, they’ll be able to enroll other members from their organizations.
By enrolling in the program, participants will get assistance adopting two-factor authentication and other security protections. Being a part of the program will also help Facebook identify which other accounts might be at risk if a hacker targets a certain candidate or campaign, and give them extra protection, as well as share that information with law enforcement and other companies.
Gleicher doesn’t say specifically which other companies it will be working with, but it did convene a meeting on election security in July with representatives from about a dozen companies, including Twitter, Microsoft, and Google, as reported by BuzzFeed. It’s also worth noting that Alphabet’s experimental incubator Jigsaw launched its own program to help campaigns protect themselves from DDoS attacks back in May.
Facebook says that it will be taking what it learns from this pilot and applying it to other elections around the world.