I was sitting down to write a blog on security, focused on some of the latest data published regarding how IT security impacts small to medium businesses and before I could begin I was lobbed a softball by the Democratic National Convention – a leak (breach) of Democratic Party emails last weekend allegedly conducted, or at least backed, by Russia.
So what happened?
“On Sunday, Hillary Clinton’s campaign manager, Robby Mook, accused Russia of working through hackers to access 19,000 emails at the Democratic National Committee that were dumped into the public domain last Friday by WikiLeaks. The emails showed DNC staffers working to help Clinton’s campaign during her primary fight against Bernie Sanders, despite the DNC’s publicly neutral stance,”*
Why is it important?
We’re an IT Services and IT Security Company, so we’ll try to leave politics aside for this blog. In that spirit, what can we learn from an IT perspective from the leak?
Email isn’t just communication, its valuable personal and corporate data
Sometimes we separate email from other corporate data, but that’s a mistake. In a typical company email system, hackers could potentially find information on corporate strategy, personally identifying information, financial information, IT system passwords, and other information that could help in further attacks through phishing, etc. Our email isn’t just communication, it’s data that needs to be protected.
While these hackers weren’t looking for credit card numbers in the DNC email, they did learn (and expose) a lot of information about strategy, tactics, and plans that were certainly not intended for the public. In the 19,000 emails, how much personally identifiable information (PII) was present? PII in security speak, within the thousands of emails there could be the need for risk mitigation and damage control, not to mention the potential for law suits and other fines.
Not all email is secure, use encrypted email for sensitive information
Many people still “trust” email as a secure communication method and willingly share private information such as credit card numbers, social security numbers, healthcare information to name a few. In the hands of the wrong people that can be very dangerous and costly many people. Email is not secure by default and must be encrypted prior to sending to have proper security for sharing any private information. If you’ve ever received an email from your doctor or financial institution that sends you to a website to login to read your email, that is a secure, encrypted email.
Security experts are giving you plenty of warning. The time to listen is now.
Security experts have been beating the drum for a while now – cyber attacks are growing at an alarming rate and frequently the target is shifting to small businesses. Another troubling aspect of this breach is that “Federal investigators tried to warn the Democratic National Committee about a potential intrusion in their computer network months before the party moved to try to fix the problem, U.S. officials briefed on the probe tell CNN.” If true, and the FBI warned the DNC and they did not act, it creates a massive problem for the DNC leadership and their credibility. Action in fact was swift as the DNC Chairwoman, Debbie Wasserman Schultz, announced her resignation on Sunday. Further evidence showed “The DNC brought in consultants from the private security firm CrowdStrike in April. And by the time suspected Russian hackers were kicked out of the DNC network in June, the hackers had been inside for about a year.”**
A year! That is a long time to be gathering data and suggests more is likely to be leaked. In fact, WikiLeaks founder Julian Assange virtually has already stated as much. All those emails, all that data is still out on the public domain where anyone with access to the internet can see them.
Federal Investigators may not be calling you with warnings about your small business, Security experts have been beating the drum for a while now – cyber attacks are growing at an alarming rate and frequently the target is shifting to small businesses. It’s time to listen to the experts and take basic steps to protect your company.
Borders don’t protect your company in cyber attacks
It’s being reported that these attacks came from Russia. Borders can’t protect us from the rest of the world when it comes to cyber attacks. Prosecution and restitution for damages caused by an attack is not going to happen. As an example, once funds are extorted into a foreign country through ransomware, consider it gone with no recourse.
For your business, the foreign nature of attacks is alarming due to the lack of accountability and prosecution, for the DNC breach, the motivation and ability to influence our country’s political process is very alarming.
It’s been stated that the intent was to expose DNC members that used email to sway people to one candidate over the other, something that fundamentally against the DNC charter. Was this done to just embarrass the DNC or was it a wider sweeping intent to impact our actual Presidential election process in November? If it was in fact Russia, did they do this to make the DNC look unscrupulous in hopes to sway voters to the other Party? The repercussions are HUGE – potentially impacting the outcome of who will be our next President!
Some simple steps could have avoided this disaster or at least mitigated it. Just a few things to consider as you run your business –
- Robust IT security monitoring and management to proactively detect malicious attacks
- Defined governance process and procedures to define what is and is not acceptable
- Employee training programs on what to look for, what to NOT put in email
- A defined Security Response Procedure to act quickly and decidedly if attacked
- Take any warnings seriously and address them now
If you can’t check each one of these off your list, call us and we’ll make sure you can. And don’t be surprised when a new wave of hacked emails is made public.