Three In Five Politicians’ Websites Don’t Use Cyber Security

Comparitech assessed the websites of more than 7,500 politicians in 37 countries and found 60.8% did not use valid SSL certificates. Security and politics have become so intertwined since the 2016 presidential election that research group Comparitech decided it was time to look into the security of politicians’ websites.

What they found is alarming: Three in five politicians' websites lack basic HTTPS security, according to their new study. HTTPS, the secure version of the Hyper Text Transfer Protocol, provides a way to ensure site visitors that they are communicating with the correct party, says Paul Bischoff, the tech journalist, privacy advocate, and VPN expert, who posted a blog about the study for Comparitech.

"It's really easy for fraudsters to set up a phishing site and collect money," Bischoff says. "There needs to be a push for the politicians to lead by example and make their sites more secure."

In conducting the research, the Comparitech team went old-school, Bischoff says, combing websites one-by-one to see whether the URLs contained HTTPS. The researchers only searched for the websites of politicians, not political parties or government agencies.

In all, Comparitech assessed the websites of more than 7,500 politicians in 37 countries. It found 60.8% did not use valid SSL certificates, meaning visitors' connections to those sites are not private or secure, not great when they collect forms and donations and ask people to sign up for e-newsletters, Bischoff says.

There were some surprises in the study, too. Among them: Tech-savvy countries such as South Korea and India did not fare well. In South Korea, 92.3% of politicians' websites were insecure, while in India the number was 83.9%. 

While the United States fared well, with only 26.2% of websites insecure, that's "a pretty high number given how security-conscious people are in the United States," Bischoff says.

Avivah Litan, a vice president and distinguished analyst at Gartner, warns that politicians should not take security lightly.
"People could be sending sensitive information to their representatives that should be protected," she says. "Deploying SSL certificates is an easy way to support the website, so it's really not excusable. We are in a major cyberwar, and the politicians are so not aware of security issues. Many don't take the time to learn."

Dark Reading:

You Might Also Read: 

Bots & Ballots Make A Sophisticated Threat:

 

 

« The US Navy Is Leaking Secrets
Half Of UK Businesses Have Fallen For Phishing Attacks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Brit

Brit

Brit PLC is a market-leading global specialty insurer and reinsurer, focused on underwriting complex risks including cyber, privacy and technology.

Australian Information Security Association (AISA)

Australian Information Security Association (AISA)

AISA champions the development of a robust information security sector by building professional capacity and advancing the cyber security of the public, business and governments in Australia.

Sintef Digital

Sintef Digital

Sintef Digital carries out research in Information and Communication Technology for industry and the public sector.

Niksun

Niksun

Niksun's forensics-based cyber security and network performance monitoring products provide customers with actionable insight into security threats, performance issues, and compliance risks.

Phirelight Security Solutions

Phirelight Security Solutions

Phirelight empowers an enterprise to easily understand how their networks behave, while at the same time assessing and managing cyber threats in real time.

CounterCraft

CounterCraft

The CounterCraft Cyber Deception Platform fits seamlessly into existing security strategies and delivers high-end deception for threat hunting and threat detection.

European Society of Criminology (ESC)

European Society of Criminology (ESC)

The ESC Working Group on Cybercrime is focused on cybercrime, its causes and offenders, impact on victims, and our response to it at the individual, corporate, and governmental levels.

Clari5

Clari5

Clari5 redefines real-time, cross channel banking Enterprise Fraud Management using a central nervous system approach to fight financial crime.

WiJungle

WiJungle

WiJungle is an Indian Cyber Security Company that develops and markets a unified network security gateway solution.

Learn How To Become

Learn How To Become

At LearnHowToBecome.org, our mission is to help any job-seeker understand what it takes to build and develop a career. We cover many specialist areas including cybersecurity.

Naukrigulf

Naukrigulf

Naukrigulf.com is one of the fastest growing job sites in the Gulf, with thousands of registered job seekers and a robust CV database across many sectors, including cybersecurity.

DigiByte (DGB)

DigiByte (DGB)

DigiByte (DGB) is a rapidly growing global blockchain with a focus on cybersecurity for digital payments & decentralized applications.

Mandiant

Mandiant

Mandiant deliver dynamic cyber defense solutions powered by industry-leading expertise, intelligence and innovative technology.

Strac

Strac

Eliminate Personal Data Risks from your business. Our Dataless SaaS removes the need to manage sensitive data across web, mobile apps, servers and communication channels.

StrongBox IT

StrongBox IT

Strongbox IT provides solutions to secure web applications and infrastructure.

Apex

Apex

We aspire to make the AI revolution run faster, securely, for the benefit of all. We are purposely built for the new AI era and are creating capabilities to safely enable AI.