Security News > 2020 > July > U.S. Election Administrators Failed to Implement Phishing Protections: Study
A majority of election administrators in the United States have yet to implement cybersecurity controls designed to provide protection against phishing attacks, a new Area 1 Security report reveals.
The U.S. elections have been targeted by phishing as well, with examples including attacks against election-sensitive organizations in 2016 and 2018, and phishing attempts targeting the current 2020 election cycle.
Looking to evaluate the email protections and controls that election administrators have implemented, Area 1 Security has analyzed 10,000 state and local election administrators' susceptibility to phishing, and it has discovered that more than half of them use rudimentary or non-standard technologies for phishing protection.
The study also discovered that roughly a third of election administrators have basic controls to prevent phishing and that less than one-fifth of them use advanced anti-phishing controls.
In its report, which includes security ratings for election administrators in every U.S. county, Area 1 Security recommends that election administrators cease using Exim, especially in light of recently targeted vulnerabilities, or at least ensure that it is up to date.