https://www.wsj.com/articles/election-officials-are-vulnerable-to-email-attacks-report-shows-11595746800
By Robert McMillan
The Wall Street Journal
July 26, 2020
Many of the thousands of county and local election officials who will be
administering November’s presidential election are running email systems
that could leave them vulnerable to online attacks, a new report has
found.
Cybersecurity vendor Area 1 Security Inc. tracked more than 12,000 local
officials and determined that over 1,600 used free or nonstandard email
software that often lacks the configuration and management protection
found with large cloud-service providers. More than half of the officials
used email systems with limited protection from phishing attacks, Area 1
said. The findings underscore problems with the country’s diverse, locally
administered election system that attracted the attention of
state-sponsored hackers four years ago.
In 2016, Russian hackers targeted dozens of election systems in the U.S.
and breached two counties in Florida. And while security officials and
election officials say that much has been done to improve the security of
these systems, email could be another avenue of incursion, especially for
attackers looking to disrupt or undermine confidence in the November
election, according to Oren Falkowitz, Area 1’s chief executive.
Often, all it takes for a cyber intrusion is a single software bug or
misconfigured system, Mr. Falkowitz said in an interview. “When you run
your own service and you don’t partner with someone to professionally
manage it, it means you have to be perfect every single day,” he said.
“That’s really hard.”
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
Follow InfoSec News on Twitter
https://twitter.com/infosecnews_
Follow InfoSec News on LinkedIn
https://www.linkedin.com/company/infosecnews/
