Current Events: President Obama (‘s Web Site) Under Attack!

By zacf at 11:16 am on January 30, 2009 | 3 Comments

Barack Obama’s online community, which began during the 2008 campaign as a way to bring people into the political process, has been the target of recent attacks, according to an article in PCWorld.

The site (login required) allows registered users to create their own blogs, and many attackers have taken advantage of that capability by posting images designed to trick viewers into downloading Trojan horses. For example, one attack involves tricking users into clicking an image to view a movie. If they click, they are told they need to download a codec. That “codec” is actually a Trojan horse.

Of course, this type of attack is not new. But the fact that they are happening on a web site controlled by the President of the United States is, and it raises interesting questions about who controls a site’s content, what causes a user to trust blog content, and how attackers can reach the most victims.

Naïve users who read blogs on might trust what they are seeing more because they trust the President. But while the site’s operators have an interest in maintaining the trustworthiness of their site, and are actively searching for and eliminating attacks, they cannot always keep up.

Attackers can also take advantage of the President’s strong reputation to reach more victims. As with any malicious web page, posting links to them on other sites increases the malicious page’s search ranking. But this effect is magnified by the popularity of the President’s site itself, which improves the search ranking of every page on it.

In the early days of the world-wide web, the notions of content-provision and site-operation were synonymous. If the operators of a site were trustworthy, then short of a redirection attack, the content of that site could also be trusted. But these notions have been split by the advent of online community sites that allows users to contribute their own content. Now, to provide a safe experience for its users, a site must not only do no harm itself, but must successfully control what other users can post. It may take some time for naïve users to realize that.

This new requirement is further complicated by the fact that the better a site operator’s reputation is, the more traffic it will have, and the more users will be inclined to trust what they see on it. That gives attackers an incentive to attack the sites with the best reputation, where they can do the most harm.

Operators wishing to maintain the reputations of their sites have two options: detection and removal, and stronger warnings to their users. Strong warnings may be undesirable for the site operator because they are essentially telling their users that their site is unsafe. That means they will need to strengthen their detection and removal, possibly requiring that postings be approved before they are made public, if they are going to keep their site safe enough to stake their reputations on.

Filed under: Current Events3 Comments »


  • 1
    Get your own gravatar for comments by visiting

    Comment by vkirst

    January 30, 2009 @ 1:16 pm

    This article ties in well with the assigned reading for CSE 584 this week. The research paper (“Why Phishing Works”) conducts a study that supports the idea that users often attribute credibility of a website to rather trivial “evidence” such as a website’s design. If the site “looks” credible, then they are more likely to trust it — in the study, a phishing website that “looked” trustworthy was able to fool over 90% of the participants, largely due to appearance alone. It is not surprising that users trusted the Obama blogs for similar reasons: the blogs appear credible because of the host, the uniform design, and the URL. It will be interesting to see what the maintainers of will do (if anything) to combat this problem of the naive trust of the users.

  • 2
    Get your own gravatar for comments by visiting

    Comment by seraphim

    January 30, 2009 @ 3:07 pm

    Another question this brings up, especially in the context of Obama’s position as President, is whether or not this should even be acceptable. Surely freedom of speech is a right that everyone should have, but given the ease of which these ‘phishing’ attacks can be deployed, should the President’s unofficial credentials be usable by the public? Regardless, it’s clear that the average user must be aware and realize that just because it’s on the Internet and looks credible, it may not be.

  • 3
    Get your own gravatar for comments by visiting

    Comment by Obama Blog

    January 31, 2009 @ 4:37 am

    We “hope” so, but must keep up our guard.

RSS feed for comments on this post