Photo: Thomas Trutschel/Photothek via Getty Images

Three of every 10 candidates running for the U.S. House of Representatives have websites with significant security vulnerabilities, according to research unveiled at cybersecurity conference DEF CON this weekend, per Reuters.

The big picture: Campaigns don't benefit from the kind of federal assistance that states are receiving from Congress to handle election security, and candidates often run on tight budgets and can't always pay for cybersecurity expertise.

  • There are a few free services available to campaigns to help protect against attacks that can flood sites with too much traffic and force them to shut down, including offerings from Cloudflare and Google-owned Jigsaw.
  • Otherwise, they can contact party officials when they suspect they've been targeted, or work with nonprofit groups such as the Defending Digital Democracy Project (D3P) at Harvard. That, or they can hope to have volunteers on board with cyber know-how.

Why it matters: Director of national intelligence Dan Coats has warned that Russian hackers are targeting both candidates and government officials. Midterms are less than 100 days away.

The details:

  • The researchers found problems with websites’ digital certificates that are supposed to verify secure connections.
  • Vulnerabilities were found for Democrats and Republicans alike.
  • The researchers said they are working to contact all the candidates implicated so they can better secure their websites.
  • The group also found several websites built to trick users by changing just a few letters of candidates’ names. The tactic can be used to build fronts for spearphishing campaigns.
  • Joshua Franklin, who used to work at the U.S. Commerce Department’s National Institutes for Standards and Technology and who led the research team, used automated scans and test programs to identify vulnerabilities.

Go deeper

Updated 1 hour ago - Politics & Policy

Coronavirus dashboard

Illustration: Aïda Amer/Axios

  1. Global: Total confirmed cases as of 4:30 p.m. ET: 12,128,406 — Total deaths: 551,552 — Total recoveries — 6,650,675Map.
  2. U.S.: Total confirmed cases as of 4:30 p.m. ET: 3,088,913 — Total deaths: 132,934 — Total recoveries: 953,420 — Total tested: 36,979,745Map.
  3. Public health: More young people are spreading the virus Cases rise in 33 statesFlorida reports highest single-day death toll since pandemic began.
  4. Science: World Health Organization acknowledges airborne transmission of coronavirus.
  5. 1 🐂 thing: How the world could monitor for potential pandemic animal viruses.
2 hours ago - Science

More young people are getting — and spreading — the coronavirus

Illustration: Annelise Capossela/Axios

More young people are being infected with the coronavirus, and even though they're less likely to die from it, experts warn the virus' spread among young adults may further fuel outbreaks across the United States.

Why it matters: Some people in their 20s and 30s face serious health complications from COVID-19, and a surge in cases among young people gives the virus a bigger foothold, increasing the risk of infection for more vulnerable people.

Joint Chiefs chairman condemns Confederate symbols

Chairman of the Joint Chiefs of Staff Gen. Mark Milley criticized Confederate symbols before the House Armed Services Committee on Thursday, and called the Civil War an "act of treason."

Why it matters: Milley said that minority service members — which he noted make up 43% of the U.S. military — may feel uncomfortable that Army bases are named for Confederate generals who "fought for an institution of slavery that may have enslaved one of their ancestors."