Advertisement

CISA, FBI urge local election offices to move to .gov domains

The FBI and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency published a guide intended to help state and local agencies move their websites to the sponsored .gov top-level domain.
.com site
The Harris County, Texas, election administrator's office uses a .com website. (Benjamin Freed / Scoop News Group)

The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency on Monday released a guide to help U.S. election offices and state, local, tribal and territorial government agencies adopt government web domains to mitigate impersonation and cybersecurity risks.

The guide notes that foreign adversaries and other cyber threat actors have demonstrated the intent to target election infrastructure. The FBI and CISA anticipate these threats to future elections will continue by targeting election office websites, email accounts and impersonation attempts. As such, the two agencies are recommending all election offices and state, local, tribal and territorial governments adopt a top-level .gov domain.

The guide is the latest push in a longstanding effort by federal and state cybersecurity officials to encourage the adoption of sponsored domains, which have been increasingly adopted by local government offices after CISA dropped its $400 registration fee, but they’re still being adopted slowly.

“Unlike other domains, .gov is only available to official U.S.-based government organizations and publicly controlled entities,” the agencies wrote in the resource. “This means that users visiting a .gov website or receiving an email from a .gov email address can be more confident that the content is genuine government information. Similarly, use of the .gov domain can help the public better recognize official government sites and emails while avoiding phishing attempts and websites that impersonate government officials.” 

Advertisement

Of 56 state and territorial election offices, 52 have transitioned their websites to a government domain, and local election office adoption is increasing, according to the new CISA and FBI resource.

In 2020, the FBI warned of “typosquatting” domains, intended to trick visitors seeking state election office websites. Pennsylvania’s official election website votepa.com, for instance, once competed with a fraudulent website called votespa.com.

“Later, after the Pennsylvania state election office completed its transition to a .gov domain, ‘www.vote.pa.gov,’ the FBI observed typosquatting websites that replicated the original election website and others that redirected network traffic to entirely different websites,” the guide reads. “Impersonation efforts like this are part of why CISA recommends maintaining former non-.gov domains in perpetuity, ensuring old domains do not fall into the hands of threat actors.”

Skylar Rispens

Written by Skylar Rispens

Skylar Rispens is a reporter for StateScoop and EdScoop. She previously worked as a reporter specializing in education coverage for daily and weekly newspapers across Montana, where she currently resides.

Latest Podcasts