Election officials are vulnerable to phishing attacks, report warns

Less than 20% of election administrators have implemented advanced anti-phishing cyber security controls

Several county and local election officials are using email systems that could leave them vulnerable to phishing attacks, according to an Area 1 Security report.

Area 1 Security, in partnership with Americans for Cybersecurity, analyzed state and local election administrators’ susceptibility to phishing attacks. According to the report, 53.24% of election administrators use only simple or nonstandard technologies to protect themselves from phishing attacks, while only 18.61% have implemented advanced anti-phishing cybersecurity controls.

A troubling 5.42% of election administrators use personal email addresses or personal email technology for election-related matters too. 

According to Area 1 Security, several election administrators independently manage their custom email infrastructure as well.

In an interview with The Wall Street Journal, Area 1 Security CEO Oren Falkowitz explained: “When you run your own service and you don’t partner with someone to professionally manage it, it means you have to be perfect every single day. That’s really hard."

Area 1 Security says it found officials in six small jurisdictions in Michigan, Missouri, Maine and New Hampshire using Exim too. In May, the National Security Agency warned that threat actors linked to the Russian military intelligence agency - the same actors who interfered with previous elections - have targeted the version of Exim these officials are using.

Government agencies nationwide have faced ransomware attacks, many of which began with malicious email messages, security experts told The Wall Street Journal

At an online conference held by the National Association of Secretaries of State, a top Department of Homeland Security election security official stated malicious software targeting computer systems used by election officials remains an issue.

“We’ll see that ransomware will come and take down the county network, which has an impact on the election network, even though it wasn’t being targeted,” explained Matt Masterson, senior adviser on election security for the Department of Homeland Security. “It may have an impact on, particularly, a local office’s ability to run elections.”

For hackers looking to undermine the upcoming election, underprepared election administrators are an easy target. Election administrators claim security testing and monitoring of election networks is better now than it was in 2016, though. More counties are using paper-ballot voting machines as a backup. 

Featured Resources

Next-generation time series: Forecasting for the real world, not the ideal world

Solve time series problems with AI

Free download

The future of productivity

Driving your business forward with Microsoft Office 365

Free download

How to plan for endpoint security against ever-evolving cyber threats

Safeguard your devices, data, and reputation

Free download

A quantitative comparison of UPS monitoring and servicing approaches across edge environments

Effective UPS fleet management

Free download

Recommended

Microsoft touts new cyber security help for nonprofits
cyber security

Microsoft touts new cyber security help for nonprofits

22 Oct 2021
A quarter of all malicious JavaScript is obfuscated
hacking

A quarter of all malicious JavaScript is obfuscated

20 Oct 2021
Organizations warned of ransomware risk from smaller operators
ransomware

Organizations warned of ransomware risk from smaller operators

19 Oct 2021
Iranian hacking group continues to target US citizens
hacking

Iranian hacking group continues to target US citizens

18 Oct 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
PayPal dismisses $45 billion Pinterest takeover as "market rumour"
Acquisition

PayPal dismisses $45 billion Pinterest takeover as "market rumour"

25 Oct 2021