FireOak Strategies, LLC announced the results of their high-level security audit of the 2020 presidential candidates’ email systems and websites. This analysis, based completely on non-intrusive testing of publicly accessible data sources, indicates that many of the presidential candidates’ campaigns are not taking full advantage of standard security features.
Recommended AI News: How To Make Your Chatbot Successful In The ECommerce Market
“Considering how big of a role email security played in the last election, we were shocked to find that several of the candidates are still not following industry best practices to secure their email, particularly when it comes to preventing spoofing,” writes Eric Smith, Chief Technologist and Chief Information Security Officer, and Abby Clobridge, founder of FireOak Strategies. Many intrusions begin with email phishing attacks, which is likely how the DNC was hacked in 2016.
Recommended AI News: What Will 2020 Bring for Digital Advertising?
Similarly, the research team noted that many candidates’ websites are using out-of-date security protocols and weak encryption. This combination has the potential to “allow a sophisticated attacker to decrypt traffic” to and from the campaigns’ websites.
FireOak’s findings are accompanied by an “Email and Website Security Scorecard,” which ranks the candidates from best to work based on how they fared in the assessment. “It is worth noting that all of the items we examined are standard features of most email and website hosting services … there’s no excuse for not having these protections in place.”