August 2016: The Democratic National Committee Email Hack
It was reported that thousands of emails obtained from a hack on the Democratic National Committee (DNC) were recently posted on WikiLeaks. They were leaked a few days prior to the convention. However, it is believed that the hack began back in April, when DNC leaders were notified by their technology team that they may have been hacked. Despite the notice, a staff member continued to send emails on the suspected hacked email servers. Some of those emails included a new password to the website, and it was unencrypted.
Later in May, a DNC consultant began receiving pop-up messages in her personal email account stating that her account was suspected of being the target of state-sponsored actors. Even after the DNC consultant changed her email password, she continued to receive the pop-up. This shows that the hackers had not only breached the email servers of the DNC, but had also breached the personal webmail accounts of DNC employees and consultants. It was also discovered that some consultants were using personal webmail accounts for work purposes.
The DNC was not the only one hit by the hackers. A site believed to be connected to the hackers contained not only data dumps from several high-level Democratic politicians, but also roughly 300 emails obtained from Republicans.
It is believed that the hackers were able to glean the information they needed through targeted spear phishing emails. The hackers were able to make convincing spear phishing emails by combing through social media, blogs, and other similar internet searches.
There are several steps that could have been taken to prevent this hack. One step would have been to use end-to-end encryption for communication. Another would be to have a policy in place that prohibits anyone from using their personal webmail accounts to discuss sensitive information. Lastly, the organization should have had a comprehensive security awareness program to help educate employees and consultants on how to determine whether an email is a phishing attempt.
For more details about the breach and steps that can be taken in order to prevent breaches such as this one, see the full Inspired eLearning Post.