" webaides Archives - LuxSci FYI Blog: Learn about HIPAA email encryption, secure email encryption, and more

Posts Tagged ‘webaides’

The 2020 Elections: Why Cybersecurity Matters

Tuesday, September 17th, 2019

No matter which side of the political divide you fall on, everyone needs to prepare for the onslaught of the 2020 elections. Amid the barrage of political ads and hot takes, there are a lot of serious issues that need to be discussed. Cybersecurity is one of the most critical, although it may end up overshadowed amid other distractions.

Why Is Cybersecurity so Important Ahead of the 2020 Elections?

There are two critical reasons. The first is that as our lives and businesses have moved online. We have become more vulnerable to internet-based attacks. In recent years, attack rates have been growing rapidly, and bolstering our cyber defenses is a critical part of protecting our modern way of life.

Secondly, the 2016 election was heavily influenced by Russian cyber attacks and online propaganda. The country needs to improve its cybersecurity to keep its democratic process free from foreign influence.

How Were the Elections Influenced by Foreign Adversaries?

Russian agents targeted the 2016 elections in a multi-pronged campaign. This included setting up fake social media accounts that promoted extreme views of both the left and right. The goal was to sow discord across the country.

On top of this, there were a number of different hacks. The most damaging were attacks against the DNC and Clinton campaign, which resulted in thousands of emails being released. The leaks were prominent talking points throughout Clinton’s election bid, and arguably had an influence on the outcome.

Ahead of the elections, voting systems and databases were penetrated by Russian operatives in 39 states. At this stage, it seems that the probes were mainly focused on seeking out vulnerabilities and accessing data. There is no evidence that any votes were changed.

Russian meddling continued in the 2018 midterm elections as well. At the start of the year, Secretary of State Rex Tillerson and six US intelligence agencies acknowledged that Russia was attempting to influence the midterms.

At the start of the year, thousands of emails from senior aides of the National Republican Congressional Committee were accessed by hackers, however the attacks weren’t reported on until December. Attacks continued throughout the year, with attempts targeting the Utah voter registration database, three candidates for Congress, and others.

There were also a number of propaganda campaigns, including the launch of the new media outlet USAReally, Russian support of the WalkAway social media crusade, and continued coordination of fake accounts.

Why Should We Expect Further Election Interference?

The most obvious reasons are that the interference has never really stopped, and it also seems like the techniques have been effective in working toward the perpetrator’s aims. According to the Guardian, Steven Hall, a retired chief of the CIA’s Russian operations said, “Russia would be remiss not to try again, given how successful they were in 2016.”

As the trade war with China heats up, new election cyber threats could emerge from another powerful adversary. However, according to a 2018 quote from Homeland Security Secretary Kristjen Nielsen, there was “no indication” that China had been directly meddling with election systems at that stage.

What’s Being Done to Protect the Election?

In response to the attacks, there have been a number of different moves to increase election security. In 2018, Congress passed a bill that granted $380 million toward election defenses. Part of the funding was for state grants that covered the purchase of voting machines with enhanced security, election audits, and cybersecurity training.

The HR 1 bill included provisions for enhancing election security and would have required the director of intelligence to examine foreign threats more thoroughly. The Defending Elections Against Trolls From Enemy Regimes Act and the Defending The Integrity Of Voting Systems Act were also introduced. All three of these bills included provisions that are aimed at defending elections, but according to Senator Roy Blunt, it is unlikely that any of them will pass the Senate.

Democratic Senators also introduced a bill to revert back to paper ballots instead of using electronic voting machines. These machines are renowned for their security issues, however the bill also looks like it may not pass.

How Can Elections Be Protected?

At the national level, very little has been done to defend against Russia and other adversaries meddling in US elections. While a number of the above-mentioned bills would have been positive steps for national security, it seems like they won’t be enacted.

One of the biggest threats comes from the notoriously insecure electronic voting systems that many states use. These are difficult to secure, even in best-case scenarios. Given how severe the threat is and that these systems have already been penetrated in the past, moving back to paper-based elections would help to protect the outcome from interference.

Another key priority is to secure the emails of all key targets, including those campaigning on both sides, election officials and other high profile individuals. In the past, email accounts have been a prime target for election-related attacks.

Email attacks tend to succeed because of weak passwords or social engineering. All vulnerable parties need to make sure they are using unique and strong passwords for each of their accounts. An easy way to do this is to deploy a password management tool like LuxSci’s WebAidesTM passwords.

On top of this, politicians, officials and their staff need to be trained to recognize and avoid social engineering and phishing attacks. These attacks can involve hackers impersonating key figures and demanding credentials, emailing convincing-looking links that actually lead to malware, and other clever scams.

These two simple changes would go a long way toward keeping email accounts safe ahead of the election. They would significantly reduce the success rate of email-related attacks, reducing the opportunities that Russians have to influence the outcome.

LuxSci Web Interface Updates in Beta

Monday, February 2nd, 2015

LuxSci has finished the next in a series of updates to its WebMail and WebAide user interfaces.  The purpose of these updates is to:

  1. Save space by reducing the screen space used for commands and options
  2. Simplify by reducing the clutter and visual overload of available options, such that only the most commonly used commands are present
  3. Simplify by visually disabling options that are not currently available (e.g. delete when nothing is selected to delete)
  4. Enable the above simplifications without taking away any available features … and in fact leaving room for the addition of new features without negatively impacting the user interface.

These updates are scheduled to be released on Friday evening, February 6th.  If you would like to try them out ahead of time, please login to our Beta site: https://beta.luxsci.com.

Read the rest of this post »

LuxSci WebMail Interface Revisions

Tuesday, December 9th, 2014

LuxSci has just released the latest in a series of updates to its WebMail interface.  These updates, which will occur in stages over the next 3-6 months, are designed to enhance the speed and usability of WebMail and to introduce a series of new and often requested features.

This revision (the first since the update to the WebMail Composer this summer) is mostly cosmetic — introducing a series of stylistic and layout changes forming a basis for successive updates. Some of the most notable aspects of this release include:

  1. Cleaner and more visually appealing
  2. A simplified tree of folders on the left
  3. Drag and drop works on touch devices (e.g. iPad)
  4. The “Folders” menu has been moved in to the “gear” icon  at the top of the “Email Folders” area.

Similar changes have been made to the “WebAides” interfaces for managing Calendars, Tasks, Address Books, etc.

What is in the works?

Read the rest of this post »

HIPAA Alert: Contacts, Calendar Events and Tasks may contain ePHI!

Monday, February 3rd, 2014

When health care organizations review their operations to see where electronic protected health information (ePHI) is being saved, transmitted, and viewed, a great deal of time is spent on the obvious candidates: email, chat, stored files, and health records, etc.

Many overlook the fact that ePHI can be embedded in Contacts, Calendars, and Tasks.  Consider for example:

Read the rest of this post »

File Drag and Drop for WebMail, SecureLine, and File Manager

Saturday, July 27th, 2013

Upload single or multiple files via drag and drop from your desktop instead of clicking and selecting files individually.

Recent versions of most popular web browsers (including Internet Explorer v10+) include features that allow web sites to receive files dropped on them from your desktop and that allow web sites to upload these files in the background (e.g. while you are composing an email), giving you a progress bar so you can see how the upload is doing.

Indeed, drag and drop file uploads to web sites are becoming the “new normal” with the old method of clicking on individual file upload fields to select a file from your browser being “old school” for any place where files are frequently accessed.

Read the rest of this post »