NEW DELHI: Politicians are increasingly turning to digital platforms, such as websites, apps and social media, to reach out to the internet-savvy voters. However, there are doubts about how secure these websites are.
The official website of the Bharatiya Janata Party (BJP) was hacked on 5 March. The website still shows that it is “...performing some maintenance...".
More than 60% of global politicians do not use the essential Hypertext Transfer Protocol Secure (https) standard when it comes to their personal websites, according to a new study, published by online portal Comparitech on 6 March.
Official websites of Congress president Rahul Gandhi and Prime Minister Narendra Modi were found to be using the https standard. However, the websites of BJP president Amit Shah, Congress MP Shashi Tharoor and Odisha chief minister Naveen Patnaik did not.
The study was based on an analysis of personal and campaign websites of more than 7,500 politicians in 37 countries, including India, where the percentage of politicians not using the standard, at 83.87%, is higher than the global average. The study covered 887 Indian politicians and found that 217 of them have personal websites and of them 182 don’t use the security standard.
In developing countries, 74.98% of such websites did not use https, compared to developed countries where 64.46% didn’t use it, the study said. A countrywide breakup shows that the US (26.22%), UK (30.65%) and Germany (31.92%) had the lowest number of websites without https, while in countries such as South Korea (92.31%) and Poland (91.16%) the numbers were highest. Half of these websites asked users to share personal information, such as name and email to register, log in, send comments or subscribe for newsletters. In the absence of https, users face risks of getting their data intercepted by third parties such as ISPs, government agencies and hackers. Websites where users can make donations, making online payments, can be very risky.
Websites with the https standard are considered safer and are used by all major banking and e-commerce companies. However, according to cybersecurity firm Kaspersky Labs, https symbols alone will not protect users from phishing attacks. The green lock will ensure no one can eavesdrop on the user, but it doesn’t verify if the webpage is genuine.
Kaspersky Labs advises users to always check the domain name carefully as the name of a fake website might differ by only one character.