Election Officials Are Vulnerable to Email Attacks, Report Shows

[InfoSec News <alerts () infosecnews org>]

https://www.wsj.com/articles/election-officials-are-vulnerable-to-email-attacks-report-shows-11595746800

By Robert McMillan
The Wall Street Journal
July 26, 2020

Many of the thousands of county and local election officials who will be 
administering November’s presidential election are running email systems 
that could leave them vulnerable to online attacks, a new report has 
found.

Cybersecurity vendor Area 1 Security Inc. tracked more than 12,000 local 
officials and determined that over 1,600 used free or nonstandard email 
software that often lacks the configuration and management protection 
found with large cloud-service providers. More than half of the officials 
used email systems with limited protection from phishing attacks, Area 1 
said. The findings underscore problems with the country’s diverse, locally 
administered election system that attracted the attention of 
state-sponsored hackers four years ago.

In 2016, Russian hackers targeted dozens of election systems in the U.S. 
and breached two counties in Florida. And while security officials and 
election officials say that much has been done to improve the security of 
these systems, email could be another avenue of incursion, especially for 
attackers looking to disrupt or undermine confidence in the November 
election, according to Oren Falkowitz, Area 1’s chief executive.

Often, all it takes for a cyber intrusion is a single software bug or 
misconfigured system, Mr. Falkowitz said in an interview. “When you run 
your own service and you don’t partner with someone to professionally 
manage it, it means you have to be perfect every single day,” he said. 
“That’s really hard.”

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
Follow InfoSec News on Twitter
https://twitter.com/infosecnews_
Follow InfoSec News on LinkedIn
https://www.linkedin.com/company/infosecnews/