The Democratic National Committee (DNC) still has hackable vulnerabilities in its computer networks, while the Republican National Committee (RNC) performed slightly better than the DNC, but still has gaps to fill, according to a new report.
“While SecurityScorecard believes the DNC has made significant investments in security since 2016, the organizational behavior at managing digital assets still lags behind the RNC,” the SecurityScorecard report said. The DNC, as we remember, suffered a significant breach in cybersecurity in the lead up to the 2016 Presidential election. The DNC has major vulnerabilities in its two-factor authentication programming that could easily lead to the harvesting of user credentials.
The report found instances with the RNC where integration and configuration were not as sound for domain name security (DNS) health. It is also leaking the mapping software tool AreGIS administrative subdomains and have unencrypted logins for an RNC application programming interface server.
“Political parties and NGOs (non-governmental organizations) are clearly a target of opportunity, and, based on our research, not always up to the challenge of keeping threat actors out,” the report said.