Many of the biggest political organizations in the US still have awful cyber hygiene ahead of next year’s election.
The news: Researchers at cybersecurity firm SecurityScorecard spent the first quarter of 2019 analyzing the anti-hacking defenses of the parties, including both the US Republican National Committee (RNC) and the Democratic National Committee (DNC). They found that both have some serious holes to address.
The dirty truth: The flaws include exposed personal data about employees that could be used to create fake identities; older versions of software that could let hackers steal usernames and passwords fairly easily; and malicious software, or malware, that could be used to spy on party activities and compromise user accounts.
Why this matters: Ahead of the 2016 US presidential election, hackers penetrated the DNC’s systems and stole e-mails and other data to cause chaos. With European Union parliamentary elections looming and the US about to enter another presidential election year, more attacks on political organizations are inevitable.
Bigger is (somewhat) better: The researchers acknowledge that the RNC and DNC have put significant effort into bolstering their cyber defenses since 2016 but say they still found some (undisclosed) weaknesses. Another, smaller party was using a tool that leaked voter names, dates of birth, and addresses. This flaw was fixed after the party was told what SecurityScorecard had found.
Russia is risking the creation of a “splinternet”—and it could be irreversible
If Russia disconnects from—or is booted from— the internet’s governing bodies, the internet may never be the same again for any of us.
Quantum computing has a hype problem
Quantum computing startups are all the rage, but it’s unclear if they’ll be able to produce anything of use in the near future.
These hackers showed just how easy it is to target critical infrastructure
Two Dutch researchers have won a major hacking championship by hitting the software that runs the world’s power grids, gas pipelines, and more. It was their easiest challenge yet.
Inside the plan to fix America’s never-ending cybersecurity failures
The specter of Russian hackers and an overreliance on voluntary cooperation from the private sector means officials are finally prepared to get tough.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.