Three In Five Politicians’ Websites Don’t Use Cyber Security

Uploaded on 2019-03-25 in GOVERNMENT-National, GOVERNMENT-Local, FREE TO VIEW

Comparitech assessed the websites of more than 7,500 politicians in 37 countries and found 60.8% did not use valid SSL certificates. Security and politics have become so intertwined since the 2016 presidential election that research group Comparitech decided it was time to look into the security of politicians’ websites.

What they found is alarming: Three in five politicians' websites lack basic HTTPS security, according to their new study. HTTPS, the secure version of the Hyper Text Transfer Protocol, provides a way to ensure site visitors that they are communicating with the correct party, says Paul Bischoff, the tech journalist, privacy advocate, and VPN expert, who posted a blog about the study for Comparitech.

"It's really easy for fraudsters to set up a phishing site and collect money," Bischoff says. "There needs to be a push for the politicians to lead by example and make their sites more secure."

In conducting the research, the Comparitech team went old-school, Bischoff says, combing websites one-by-one to see whether the URLs contained HTTPS. The researchers only searched for the websites of politicians, not political parties or government agencies.

In all, Comparitech assessed the websites of more than 7,500 politicians in 37 countries. It found 60.8% did not use valid SSL certificates, meaning visitors' connections to those sites are not private or secure, not great when they collect forms and donations and ask people to sign up for e-newsletters, Bischoff says.

There were some surprises in the study, too. Among them: Tech-savvy countries such as South Korea and India did not fare well. In South Korea, 92.3% of politicians' websites were insecure, while in India the number was 83.9%. 

While the United States fared well, with only 26.2% of websites insecure, that's "a pretty high number given how security-conscious people are in the United States," Bischoff says.

Avivah Litan, a vice president and distinguished analyst at Gartner, warns that politicians should not take security lightly.
"People could be sending sensitive information to their representatives that should be protected," she says. "Deploying SSL certificates is an easy way to support the website, so it's really not excusable. We are in a major cyberwar, and the politicians are so not aware of security issues. Many don't take the time to learn."

Dark Reading:

You Might Also Read: 

Bots & Ballots Make A Sophisticated Threat:

 

 

« The US Navy Is Leaking Secrets
Half Of UK Businesses Have Fallen For Phishing Attacks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Zentera Systems

Zentera Systems

Zentera's CoIP (Cloud over IP) solution offers enterprise-grade networking and security for the emerging cloud ecosystem.

Keyfactor

Keyfactor

Keyfactor is a leader in cloud-first PKI as-a-Service and crypto-agility solutions. Our Crypto-Agility Platform seamlessly orchestrates every key and certificate across the enterprise.

Source Defense

Source Defense

Source Defense provides websites with the first ever prevention technology for attacks of third-party origin.

StormWall

StormWall

StormWall is an Anti-DDoS protection service for websites and networks. We offer 100% protection from all types of DDoS attacks and 24/7 technical support.

Cyber Science

Cyber Science

Cyber Science is the flagship conference of C-MRiC, focusing on pioneering research and innovation in Cyber Situational Awareness, Social Media, Cyber Security and Cyber Incident Response.

CYRail

CYRail

CYRail project will analyse threats targeting Railway infrastructures and develop innovative attack detection and alerting techniques.

Cambridge Cybercrime Centre

Cambridge Cybercrime Centre

The Cambridge Cybercrime Centre is a multi-disciplinary initiative combining expertise from the Department of Computer Science and Technology, Institute of Criminology and Faculty of Law.

Action1

Action1

Action1 is a Cloud-based lightweight endpoint security platform that discovers all of your endpoints in seconds and allows you to retrieve live security information from the entire network.

NTT Group

NTT Group

NTT offers agile, scalable technology services to bring it all together seamlessly, securely, and sustainably. We help you adopt a holistic security approach across your network, clouds, applications.

du

du

du is a telecommunications service provider providing UAE businesses with a vast range of ICT and managed services.

SubCom

SubCom

How Much Do You Trust Your Endpoint? With our ‘Habituation Neural Fabric’ based endpoint security platform, you can observe and manage the Trust Score of your endpoints in real-time.

Quartz Network

Quartz Network

Quartz Network is a curated community for change-makers, up-and-comers, and professionals who are ready to grow, adapt, and thrive.

Harbor Networks

Harbor Networks

Harbor Networks is a communications systems integrator and managed services provider. We provide business consultation services for voice and data communication technology.

CIP Cyber

CIP Cyber

CIP Cyber is an online learning community with a mission of connecting, training, and certifying cybersecurity professionals to protect critical infrastructure.

SpectrumWise

SpectrumWise

SpectrumWise is a business technology specialist that provides Managed Services and Managed Security for small and medium IT Networks.

Cythera

Cythera

Cythera is an Australian cyber security company with in-house cyber security professionals providing world-class cyber protection to medium to large companies all over Australia.