Skip to Content
Computing

US political parties are still making basic cybersecurity blunders

The Capitol
The Capitol
The CapitolAP

Many of the biggest political organizations in the US still have awful cyber hygiene ahead of next year’s election.

The news: Researchers at cybersecurity firm SecurityScorecard spent the first quarter of 2019 analyzing the anti-hacking defenses of the parties, including both the US Republican National Committee (RNC) and the Democratic National Committee (DNC). They found that both have some serious holes to address.

The dirty truth: The flaws include exposed personal data about employees that could be used to create fake identities; older versions of software that could let hackers steal usernames and passwords fairly easily; and malicious software, or malware, that could be used to spy on party activities and compromise user accounts.

Why this matters: Ahead of the 2016 US presidential election, hackers penetrated the DNC’s systems and stole e-mails and other data to cause chaos. With European Union parliamentary elections looming and the US about to enter another presidential election year, more attacks on political organizations are inevitable.

Bigger is (somewhat) better: The researchers acknowledge that the RNC and DNC have put significant effort into bolstering their cyber defenses since 2016 but say they still found some (undisclosed) weaknesses. Another, smaller party was using a tool that leaked voter names, dates of birth, and addresses. This flaw was fixed after the party was told what SecurityScorecard had found.

Deep Dive

Computing

Russia is risking the creation of a “splinternet”—and it could be irreversible

If Russia disconnects from—or is booted from— the internet’s governing bodies, the internet may never be the same again for any of us.

Conceptual illustration of quantum computing circuity, in multiple colors
Conceptual illustration of quantum computing circuity, in multiple colors

Quantum computing has a hype problem

Quantum computing startups are all the rage, but it’s unclear if they’ll be able to produce anything of use in the near future.

winning team for Pwn2own 2022
winning team for Pwn2own 2022

These hackers showed just how easy it is to target critical infrastructure

Two Dutch researchers have won a major hacking championship by hitting the software that runs the world’s power grids, gas pipelines, and more. It was their easiest challenge yet.

white house regulates cyber concept
white house regulates cyber concept

Inside the plan to fix America’s never-ending cybersecurity failures

The specter of Russian hackers and an overreliance on voluntary cooperation from the private sector means officials are finally prepared to get tough.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.