Three In Five Politicians’ Websites Don’t Use Cyber Security

Uploaded on 2019-03-25 in GOVERNMENT-National, GOVERNMENT-Local, FREE TO VIEW

Comparitech assessed the websites of more than 7,500 politicians in 37 countries and found 60.8% did not use valid SSL certificates. Security and politics have become so intertwined since the 2016 presidential election that research group Comparitech decided it was time to look into the security of politicians’ websites.

What they found is alarming: Three in five politicians' websites lack basic HTTPS security, according to their new study. HTTPS, the secure version of the Hyper Text Transfer Protocol, provides a way to ensure site visitors that they are communicating with the correct party, says Paul Bischoff, the tech journalist, privacy advocate, and VPN expert, who posted a blog about the study for Comparitech.

"It's really easy for fraudsters to set up a phishing site and collect money," Bischoff says. "There needs to be a push for the politicians to lead by example and make their sites more secure."

In conducting the research, the Comparitech team went old-school, Bischoff says, combing websites one-by-one to see whether the URLs contained HTTPS. The researchers only searched for the websites of politicians, not political parties or government agencies.

In all, Comparitech assessed the websites of more than 7,500 politicians in 37 countries. It found 60.8% did not use valid SSL certificates, meaning visitors' connections to those sites are not private or secure, not great when they collect forms and donations and ask people to sign up for e-newsletters, Bischoff says.

There were some surprises in the study, too. Among them: Tech-savvy countries such as South Korea and India did not fare well. In South Korea, 92.3% of politicians' websites were insecure, while in India the number was 83.9%. 

While the United States fared well, with only 26.2% of websites insecure, that's "a pretty high number given how security-conscious people are in the United States," Bischoff says.

Avivah Litan, a vice president and distinguished analyst at Gartner, warns that politicians should not take security lightly.
"People could be sending sensitive information to their representatives that should be protected," she says. "Deploying SSL certificates is an easy way to support the website, so it's really not excusable. We are in a major cyberwar, and the politicians are so not aware of security issues. Many don't take the time to learn."

Dark Reading:

You Might Also Read: 

Bots & Ballots Make A Sophisticated Threat:

 

 

« The US Navy Is Leaking Secrets
Half Of UK Businesses Have Fallen For Phishing Attacks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

INSUREtrust

INSUREtrust

INSUREtrust is a pioneer in the industry, inventing the concept of cyber insurance.

CERT-AM

CERT-AM

CERT-AM is the national Computer Emergency Response Team for Armenia.

Shape Security

Shape Security

Shape Security provide best-in-class defense against malicious automated cyberattacks on web and mobile applications.

Somansa

Somansa

Somansa is a global leader in Data Security and Compliance solutions designed to protect valuable company information from leakage and help meet regulatory compliance requirements.

Valire Software

Valire Software

Valire provide a solution for the automated detection of internal fraud.

Industry IoT Consortium (IIC)

Industry IoT Consortium (IIC)

The Industry IoT Consortium is the world's leading organization transforming business and society by accelerating the Industrial Internet of Things (IIoT).

Mindsight

Mindsight

Mindsight is a technology consulting firm with expertise from cybersecurity to cloud, disaster recovery to infrastructure, and collaboration to contact center.

Lifetech

Lifetech

Lifetech is a software development, product engineering and system integration company. Cybersecurity services include SIEM deployment and training.

Adarma Security

Adarma Security

Adarma are specialists in threat management including SOC design, build & operation.

Foundries.io

Foundries.io

Foundries.io have built a secure, open source platform for the world's connected devices, and a cloud service to configure this to any hardware and any cloud.

Bytes Technology Group

Bytes Technology Group

Bytes is a leading provider of world-class IT solutions. Our growing portfolio of services includes cloud, security, licensing, SAM, storage, virtualisation and managed services.

Venari Security

Venari Security

Venari is an award-winning cybersecurity SaaS provider that has developed an ETA (Encrypted Traffic Analysis) platform which fundamentally changes the way encrypted traffic is analysed.

Cyber Risk International

Cyber Risk International

Cyber Risk International offer CyberPrism, a B2B SaaS solution that empowers businesses to perform a self-assessment of their cyber security program.

Keyrus

Keyrus

Keyrus is a global consultancy that develops data and digital solutions for performance management.

Invisily

Invisily

Invisily makes enterprise and cloud computing resources invisible to attackers with zero trust solutions, making them visible only when needed to only those who need them.

NetAlly

NetAlly

NetAlly network test solutions help engineers and technicians better deploy, manage, maintain, and secure today’s complex wired and wireless networks.