More than three years after media reports disclosed hackers were interfering in the 2016 U.S. presidential race to influence voters, most of the country's candidates in the 2020 presidential election are struggling with cybersecurity issues, according to a nonpartisan group focused on internet standards.

A majority of the 23 candidates in the race for the White House failed to meet the privacy and security standards set by the Internet Society's Online Trust Alliance (OTA), according to the group's audit released this week .

The findings are the latest to show the increasing pressure countries are facing to preserve online security during elections, as well as in their industries and infrastructure.

The research by the OTA examined how well the 23 Democratic, Republican and Independent candidates are handling online security challenges in their campaigns. Just seven of the 23 politicians scored 80% or higher in campaign cybersecurity, meaning researchers found no failures in the three areas examined: privacy, website security and consumer protection. Weaknesses ensuring the data privacy of users accessing the candidate's online platforms raised the most red flags, researchers found.

"Sixteen candidates failed in privacy, and this was entirely due to language in the privacy statement that basically said they could share data with anyone they want and not hold them to any restrictions," says Jeff Wilbur, the OTA's technical director. "Also, if we are assessing a service such as PayPal or Twitter, we are looking for language such as, 'We don't share data except in narrow cases and anyone we share data with we're going to hold them to the same rules as ourselves.' None of the campaigns said that."

Researchers defined the three evaluating metrics as follows:

1. Privacy: A metric related to "data sharing, retention, notice, and third-party restriction policies in the privacy statement, as well as analysis of third-party tracking on the website."

2. Website security: Related to how secure servers for the campaign platforms were, type of encryption used, website protections and overall vulnerability.

3. Consumer protection: Related to how well-protected campaign emails were via authentication and encryption between servers, as well as domain protection from hackers.

Pete Buttigieg, Kamala Harris, Amy Klobuchar, Beto O'Rourke, Bernie Sanders, Donald Trump and Marianne Williamson earned "Honor Roll" status by receiving a passing grade in all of the three categories. Michael Bennet, Joe Biden, Cory Booker, Steve Bullock, Julian Castro, John Delaney, Tulsi Gabbard, Wayne Messam, Tim Ryan, Mark Sanford, Joe Sestak, Tom Steyer, Joe Walsh, Elizabeth Warren, Bill Weld and Andrew Yang were listed as having had “a failure” in at least one of the three categories.

Compared with other organizations in various sectors in the economy that the Online Trust Alliance audited in the past – retailers, banks, the Federal Reserve, consumers, media, internet service providers and hosts, and health sites – the 2020 presidential candidates' digital platforms are underperforming in the cybersecurity categories and are far less likely to join the "Honor Roll," the report showed .

Election Hacks Around the World

Cybersecurity issues have become increasingly important for political campaigns, and election-related cyberattacks are no longer isolated incidents. By September 2019, the Center for Strategic International Studies had identified dozens of cyberattacks around the world , including in elections and on countries' industries and infrastructure.

Government officials in Montenegro have said that Russia tried to interfere in the Balkan country's 2016 general elections, a charge that Moscow has denied. In December 2016 a senior official in German Chancellor Angela Merkel's government warned that the country's 2017 general elections were at risk of being manipulated by hackers in Russia, drawing further denials from Moscow.

Election hacks also have reportedly impacted countries such as the Netherlands and France, with the latter country's election infrastructure reportedly attacked in 2017. Then-candidate Emmanuel Macron, the favorite to win France's presidential election, was the target of a cyber espionage group linked to the Russian military.

In the run-up to the September 2018 general election in Sweden, government officials in that country worked with social media companies, the private sector and the news media to boost online security. Steps taken included the creation of a Facebook "hotline" to report false content, a media literacy program for high school students and the training of government workers to better identify digital influence programs, the BBC reported .

During the 2016 U.S. presidential campaign, Russia targeted election systems in all 50 states, while more recently Microsoft announced a hacker group with ties to Iran has targeted the current presidential campaign. Between August and September 2019, the Microsoft Threat Intelligence Center noticed a threat group making more than 2,700 attempts to identify email accounts of particular Microsoft customers and attack 241 of them. "The targeted accounts are associated with a U.S. presidential campaign, current and former U.S. government officials, journalists covering global politics and prominent Iranians living outside Iran," Tom Burt, vice president of customer security and trust at Microsoft, wrote in a blog post.

Online security remains a major issue in the U.S. elections, the OTA report shows. While candidates in both the 2016 and the 2020 race scored well in website protection, consumer protection was worse in the 2020 race than in 2016. The 23 presidential candidates in the 2016 race performed slightly worse than the 2020 candidates, and privacy concerns remained issues for candidates in both election years.