Every two years almost seventy major candidates vie for Senate seats across the United States. Many of the candidates have or will soon have a major impact on policy and spending, and their campaign web sites are visited by millions of voters and other interested parties. 2016 has been the year of the political cyberattack, with hacked emails, phishing, insecure servers and even whispers of foreign penetration in the news.
Despite this backdrop, the cybersecurity of US Senate senatorial campaigns leaves much to be desired. On November 1, Cybertical employed a new tool to scan the sites of 67 major candidates and found unpatched vulnerabilities, administrative usernames and public entry points on many of them. To help communicate which candidates’ sites were better or worse than others, every site scanned was awarded a “grade point average” (GPA) and a letter grade from A to F.