US House Candidates Vulnerable To Hacks, Researchers Say

About 30 percent of House candidates running for office this year have significant cybersecurity issues with their campaign websites, according to a new study. Reuters: The research was unveiled on Sunday at the annual Def Con security conference in Las Vegas, where some attendees have spent three days hacking into voting machines to highlight vulnerabilities in technology running polling operations. A team of four independent researchers led by former National Institutes for Standards and Technology security expert Joshua Franklin concluded that the websites of nearly one-third of U.S. House candidates, Democrats and Republicans alike, are vulnerable to attacks. NIST is a U.S. Commerce Department laboratory that provides advice on technical issues, including cyber security. Using automated scans and test programs, the team identified multiple vulnerabilities, including problems with digital certificates used to verify secure connections with users, Franklin told Reuters ahead of the presentation. The warnings about the midterm elections, which are less than three months away, come after Democrats have spent more than a year working to bolster cyber defenses of the party's national, state and campaign operations.

Problems with Digital Signatures

[roccomaglio]

From the article "Using automated scans and test programs, the team identified multiple vulnerabilities, including problems with digital certificates used to verify secure connections with users, Franklin told Reuters ahead of the presentation." This may or may not be an issue. If the site is simply providing information and/or collecting email addresses this is not really an issue. If the site is collecting credit card info it would be an issue, but that is usually done through a third party. Basically they ran something that tested the web sites SSL implementation and without more information we cannot determine if that is really an issue.