August 27, 2018

Research by Anomali Labs Shows Significant Majority of State Election Websites Remain Vulnerable to Email-Based Attacks

New research from Anomali Labs evaluates State election website adoption rates for email security technologies

REDWOOD CITY, Calif., Aug. 27, 2018 -- Anomali today published research detailing the level of security readiness across US states election websites to combat email-based threats. In the report “Can Lightning Strike US Elections Twice?: Email Spoofing Threat to the 2018 US Midterm Elections,” the authors determine that despite well-publicized election-related email breaches, most US states have vulnerabilities that could be remedied by widely available countermeasures.

Email spoofing is a social engineering technique where the threat actor forges an email so that a message appears to have originated from someone other than the actual source. Spoofing is widely used in spam and phishing campaigns where the attacker’s goal is to trick users into clicking malicious links. These techniques proved effective in the Democratic National Committee (DNC) attack in 2016 in which Russian agencies gained access to sensitive campaign information. Such attacks have become commonplace - in July 2018, Senator McCaskill’s campaign was the target of a similar email phishing attack.

The Anomali Labs team examined secretary of state and voter registration websites for all 50 US states, the District of Columbia, and 5 US territories. Each site was evaluated to detect use of six email security technologies.

Sender Policy Framework (SPF) - 34% adoption
DomainKeys Identified Mail (DKIM) - 10% adoption
Domain-based Message Authentication, Reporting and Conformance (DMARC) - 16% adoption
DNSSEC - 11% adoption
STARTTLS - 42% adoption
DNS-based Authentication of Name Entities (DANE) - 0% adoption

“Malicious actors will attempt to exploit any potential vulnerability to achieve their goals. Too often targeted organizations rely on employee judgment to identify suspicious messages,” said Hugh Njemanze, chief executive officer of Anomali. “Through our partnership with the Election Infrastructure Information Sharing and Analysis Center (EI-ISAC) we are working to help all states prepare for these types of threats, and many others.”

The full report is available for download at https://www.anomali.com/resources/whitepapers/email-spoofing-threat-to-the-2018-us-midterm-elections. This is the first of a series of upcoming election-related research reports from Anomali Labs.

About Anomali

Anomali detects adversaries and tells you who they are. Organizations rely on the Anomali Threat Platform to detect threats, understand the adversary, and respond effectively. Anomali arms security teams with machine learning optimized threat intelligence and identifies hidden threats targeting their environments. Anomali enables organizations to collaborate and share threat information among trusted communities and is the most widely adopted platform for ISACs worldwide. To learn more, visit www.anomali.com and follow it on Twitter: @anomali.

__wf_reserved_heredar