Post «Most of the largest US voting districts are vulnerable to email spoofing» in blog Прогноз погоды

People

John Smith

John Smith, 48

Joined: 28 January 2014

Interests: No data

Jonnathan Coleman

Jonnathan Coleman, 32

Joined: 18 June 2014

About myself: You may say I'm a dreamer

Interests: Snowboarding, Cycling, Beer

Andrey II

Andrey II, 41

Joined: 08 January 2014

Interests: No data

David

David

Joined: 05 August 2014

Interests: No data

David Markham

David Markham, 65

Joined: 13 November 2014

Interests: No data

Michelle Li

Michelle Li, 41

Joined: 13 August 2014

Interests: No data

Max Almenas

Max Almenas, 53

Joined: 10 August 2014

Interests: No data

29Jan

29Jan, 32

Joined: 29 January 2014

Interests: No data

s82 s82

s82 s82, 26

Joined: 16 April 2014

Interests: No data

Wicca

Wicca, 37

Joined: 18 June 2014

Interests: No data

Phebe Paul

Phebe Paul, 27

Joined: 08 September 2014

Interests: No data

Артем Ступаков

Артем Ступаков, 93

Joined: 29 January 2014

About myself: Радуюсь жизни!

Interests: No data

sergei jkovlev

sergei jkovlev, 59

Joined: 03 November 2019

Interests: музыка, кино, автомобили

Алексей Гено

Алексей Гено, 8

Joined: 25 June 2015

About myself: Хай

Interests: Интерес1daasdfasf, http://apple.com

technetonlines

technetonlines

Joined: 24 January 2019

Interests: No data



Most of the largest US voting districts are vulnerable to email spoofing

15:00 | 5 December expand

Most of the largest US voting districts are vulnerable to email spoofing

Only 5% of the largest voting counties in the U.S. are protected against email impersonation and phishing attacks, seen as a key attack method by hackers who officials say want to disrupt the upcoming presidential election.

The findings come less than a year before millions of Americans are set to go to the polls to vote for the next U.S. commander-in-chief, amid fears that Russia is preparing to disrupt the upcoming presidential election with tactics to manipulate voters as the U.S. intelligence community found in 2016. U.S. officials aren’t only concerned about the spread of foreign-led disinformation — or “fake news” — to try to alter the outcome of the tally, but also threats facing election infrastructure, like hackers breaking into election websites to dissuade or disenfranchise voters from casting their ballot — or even stealing voter data.

Researchers at Valimail, which has a commercial stake in the email security space, looked at the largest three electoral districts in each U.S. state, and found only 10 out of 187 domains were protected with DMARC, an email security protocol that verifies the authenticity of a sender’s email and rejects fraudulent or spoofed emails.

DMARC, when enabled and properly enforced, rejects fake emails that hackers design to spoof a genuine email address by sending to spam or bouncing it from the target’s inbox altogether. Hackers often use spoofed emails to try to trick victims into opening malicious links from people they know.

But the research found that although DMARC is enabled on many domains, it’s not properly enforced, rendering its filtering efforts largely ineffective.

The researchers said 66% of the district election-related domains had no DMARC recoat all, while 28% had either a valid DMARC entry but no enforcement, or an invalid DMARC entry altogether.

That could be a problem for six swing states — Arizona, Florida, North Carolina, Pennsylvania, Michigan and Wisconsin — where their largest districts are not protected from impersonation attacks. These states are critical to both Democrats and Republicans, as their historically razor thin majorities have allowed either parties’ candidates to win.

The worry is that attackers could use the lack of DMARC to impersonate legitimate email addresses to send targeted phishing or malware in order to gain a foothold on election networks or launch attacks, steal data, or delete it altogether, a move that would potentially disrupt the democratic process.

“It does not require a stretch to imagine attackers impersonating election officials via spoofed domains in order to spread disinformation, conduct voter misdirection or voter-suppression campaigns, or even to inject malware into government networks,” said Valimail’s Seth Blank, who authored the research.

“DMARC at enforcement is a crucial best practice for stopping the largest attack vector into any organization,” said Blank.

“It’s time to get it done,” he said.

Most of the largest US voting districts are vulnerable to email spoofing Most of the largest US voting districts are vulnerable to email spoofing Most of the largest US voting districts are vulnerable to email spoofing Most of the largest US voting districts are vulnerable to email spoofing Most of the largest US voting districts are vulnerable to email spoofing Most of the largest US voting districts are vulnerable to email spoofing
Most of the largest US voting districts are vulnerable to email spoofing

 


Read more→

Posted on 05.12.2019 15:00

Comments

To show the previous comments (%s from %s)
Show new comments

Last comments

Walmart retreats from its UK Asda business to hone its focus on competing with Amazon
Peter Short
Good luck
Peter Short

Evolve Foundation launches a $100 million fund to find startups working to relieve human suffering
Peter Short
Money will give hope
Peter Short

Boeing will build DARPA’s XS-1 experimental spaceplane
Peter Short
Great
Peter Short

Is a “robot tax” really an “innovation penalty”?
Peter Short
It need to be taxed also any organic substance ie food than is used as a calorie transfer needs tax…
Peter Short

Twitter Is Testing A Dedicated GIF Button On Mobile
Peter Short
Sounds great Facebook got a button a few years ago
Then it disappeared Twitter needs a bottom maybe…
Peter Short

Apple’s Next iPhone Rumored To Debut On September 9th
Peter Short
Looks like a nice cycle of a round year;)
Peter Short

AncestryDNA And Google’s Calico Team Up To Study Genetic Longevity
Peter Short
I'm still fascinated by DNA though I favour pure chemistry what could be
Offered is for future gen…
Peter Short

U.K. Push For Better Broadband For Startups
Verg Matthews
There has to an email option icon to send to the clowns in MTNL ... the govt of India's service pro…
Verg Matthews

CrunchWeek: Apple Makes Music, Oculus Aims For Mainstream, Twitter CEO Shakeup
Peter Short
Noted Google maybe grooming Twitter as a partner in Social Media but with whistle blowing coming to…
Peter Short

CrunchWeek: Apple Makes Music, Oculus Aims For Mainstream, Twitter CEO Shakeup
Peter Short
Noted Google maybe grooming Twitter as a partner in Social Media but with whistle blowing coming to…
Peter Short


Site search