Offensive cyber operations, from information campaigns to computer network exploitation, are being used to influence foreign elections through political parties and candidate campaigns. Key tactics demonstrated during the 2016 U.S. elections proved that once an attack is executed, political parties and candidates lack a solid incident response plan to remediate and respond to the attack.
Given the lack of visibility into a political party’s overall cybersecurity posture, the door to carry out similar actions is open for smaller, less focused entities; such as, political activists and organized crime organizations. With many important European and U.S. elections on the horizon, SecurityScorecard wanted to know: How are the political establishments responding to the threat of attack? And, are they prepared to effectively respond to an escalation in cyber activities?
Key Findings:
- Personally Identifiable Information (PII) Leakage
- End of Life (EoL) Products Running Clear Text Authentication
- Serving Expired Certificates
- Active Malware and Risk