August 2016: The Democratic National Committee Email Hack
It was reported that thousands of emails obtained from a hack on the Democratic National Committee (DNC) were recently posted on WikiLeaks. The emails were leaked a few days prior to the convention. However, it is believed that the hack began back in April, when DNC leaders were notified by their technology team that they may have been hacked. Despite the notice, a staff member continued to send emails on a suspected hacked email server. Some of those emails included a new, unencrypted password to the website.
Later in May, a DNC consultant began receiving pop-up messages in her personal email account stating that her account was suspected of being the target of state-sponsored actors. Even after the DNC consultant changed her email password, she continued to receive the pop-up. This shows that the hackers had not only breached the email servers of the DNC, but had also breached the personal webmail accounts of DNC employees and consultants. It was also discovered that some consultants were using personal webmail accounts for work purposes.
The DNC was not the only target hit by the hackers. A site believed to be connected to the hackers contained not only data dumps from several high-level Democratic politicians, but also roughly 300 emails obtained from Republicans.
It is believed that the hackers were able to glean the information they needed through targeted spear phishing emails. They were able to make those emails convincing by combing through social media, blogs and similar online sources.
There are several steps that could have been taken to prevent this hack. One step would have been to use end-to-end encryption for communication. Another would be to have a policy in place that prohibits anyone from using their personal webmail accounts to discuss sensitive information. Lastly, the organization should have had a comprehensive security awareness program to help educate employees and consultants on how to determine whether an email is a phishing attempt.
For more details about the breach and steps that can be taken in order to prevent breaches such as this one, see the full Inspired eLearning Post.