The DNC HAS Been Hacked - How Did it Happen and What Lessons Can We Learn from It?

34ccfc75772c853410d9_355e48e909f9a018d94e_carousel_image_153e39b1eeea20cd02a7_dnc4.jpg
34ccfc75772c853410d9_355e48e909f9a018d94e_carousel_image_153e39b1eeea20cd02a7_dnc4.jpg
EAST BRUNSWICK, NJ -  The security compromise and recent leak of thousands of Democratic National Committee (DNC) electronic messages should serve as the latest reminder of how terribly exposed our digital lives leave us and our private information. If a large, well-funded organization as powerful as the DNC cannot protect its sensitive communications, how can any of us ever expect to protect our own communications and personal data?
 
What Was Hacked?
An extensive file containing sensitive information about Republican Presidential Candidate Donald Trump was hacked from a DNC network server and subsequently posted publicly on the internet on June 15. The information first appeared on the anti-secrecy website WikiLeaks. The hack of the DNC server was quickly attributed by law enforcement to what appears to be foreign state-sponsored hackers connected to Russian intelligence. Among other things, the files exposed the DNC’s non-neutral preference (and potentially biased activity in support of it) for Hillary Clinton to win the Democratic Presidential nomination over Progressive Democratic candidate Bernie Sanders.
 
The leaked file included internal DNC emails, text messages and a 200-page book of opposition research assembled about Trump. The sensitivity of the information as well as the timing of the leak has resulted in what some are describing as a rough start to the Democratic National Convention in Philadelphia. The compromise has already resulted in the resignation of DNC Party Chairwoman Debbie Wasserman Schultz. It has also reignited the fire and criticism from Sanders supporters during a period when the Democratic party was hoping to unify all of its constituents.
 
 
How Does a Security Compromise Like this Happen?
Organizations including the RNC and the DNC have invested heavily in the latest security technologies with the goal of securing their computing networks and connected devices. They’ve also developed, documented and implemented policies and procedures that help them to operate securely and meet legal and regulatory requirements. Yet losses to security breaches for these same organizations continue to occur. This is almost always the result of a lack of security savvy among the organization’s Internet-connected users. All too often security breaches like the one at the DNC are caused by users doing something that they shouldn’t do such as clicking a malicious link in an email message, opening an infected email attachment or visiting a website that is tainted with malware.
 
 
What Kind of Cyber Attack Was This?
Almost all legitimate sources say that the DNC hack was likely the result of a Phishing exploit. Phishing exploits attempt to acquire sensitive information such as usernames, passwords, credit card details, money or intellectual property by simulating a trustworthy source in electronic communication. Communications pretending to be from popular social media sites, email platforms, banks, payment processors, IT administrators and other trusted sources commonly are used to lure victims. Phishing emails often contain links to websites that are infected with malware. Phishing attacks often direct users to enter user names and passwords at fake websites whose look and feel are almost identical to the legitimate one they are mimicking. Phishing is just one type of social engineering technique used to deceive users, but it remains among the most dominant and effective attacks being used by cyber-criminals today.
 
How can the Average Person Avoid Falling Victim to a Similar Attack?
The only way to stay protected from these type of threats is to exercise good judgement and extreme vigilance when it comes to internet use. Security implications should always be considered when doing any kind of computing. Be skeptical of every email, text and instant message that you receive. Examine them carefully to verify the legitimacy of the source. Examine URL’s to ensure they are not malicious spoofs. This thinking needs to be applied when using any type of connection and every device.. at work, at home and when out and about as well. Here are a few additional tips worthy of consideration:
 
- Regularly update software;
 
- Be skeptical of every email, text and instant message;
 
- Use 2 factor authentication whenever it is available;

 
- Use encryption whenever possible;
 
- Connect on trusted, secure networks only;
 
- Use lock-out schemes when devices are idle;
 
- Selectively choose applications and terminate permissions for applications not used; and
 
- Avoid losing devices by keeping them close.
 
Education is equally important, Because of this, parents and older siblings of children should teach kids about acceptable usage and cyber-security threats when they are first learning to access and use the internet. Children are smart and a little coaching will position them to properly recognize and avoid cyber-threats.
 
Prior to the existence of the internet, criminals had to physically spy on or attack their prey, break and enter, intercept mail or dig through garbage to steal personally identifiable information and communications. . Now that most of society’s information is available and exchanged with the ease of a click online, criminals leverage the internet to steal communications, account credentials, money, identities, sensitive intellectual property and private data. Today, cyber-criminals can anonymously deliver their attacks anonymously with a basic computer and internet connection right from the comfort of their own homes or from anywhere else in the world. They’re also able to attack hundreds, if not thousands, of potential victims at a time with the simple click of a mouse.
 
I saw a recent interview with James Comey, the current FBI director, that really resonated with me. He said that people should treat their e-mail box like they treat their home. If somebody knocked on your door at 2 in the morning, you wouldn’t just open the door and let them in. You would ask who it is, look out the window and try to vet who it was. The problem today with cyber-security is that people will receive a message, they click on a link, they open an attachment, they really don’t think where these things are coming from. It is important to know the source of these messages. It is not just e-mails. It is anything with instant messaging, social media and the like. Most security compromises happen because somebody is does something that they shouldn’t do. They open a link, they open an attachment from an e-mail from a dubious source. Once they do that, a malicious payload is in their system and that could lead to the type of debacle that the DNC is now experiencing.
 
The DNC hack is the latest reminder of how terribly exposed we are when we use the Internet. By exercising good judgement and vigilance we can improve our ability to avoid falling victim to hackers online.
 
 
Jeff Bernstein is an East Brunswick resident and the managing director of the T&M Protection Resources Cyber Security Advisory team. T&M is a security solutions provider that focuses on the protection of people, property and information. Bernstein has over 17 years of experience leading organizations dedicated to the protection of critical electronic computing infrastructure. Reach Bernstein at jbernstein@tmprotection.com.
 
 The Guest Column is our readers' opportunity to write about a given issue or topic in an in-depth and educational manner.
 
The opinions expressed herein are the writer's alone, and do not reflect the opinions of TAPinto.net or anyone who works for TAPinto.net. TAPinto.net is not responsible for the accuracy of any of the information supplied by the writer.
 
 
 
 

 The Guest Column is our readers' opportunity to write about a given issue or topic in an in-depth and educational manner.

The opinions expressed herein are the writer's alone, and do not reflect the opinions of TAPinto.net or anyone who works for TAPinto.net. TAPinto.net is not responsible for the accuracy of any of the information supplied by the writer.

TAP Into Another Town's News:

You May Also Be Interested In

Sign Up for E-News

Summit

Upcoming Events

Carousel_image_9a5deedfa0719c5c7c68_35c2f75239e5a57bb71f_tricia-walker

Sun, February 25, 9:30 AM

Calvary Church, Summit

Tricia Walker-Three Chords and the Truth: A ...

Arts & Entertainment

Carousel_image_2e2e4830042112095f66_94f09724857a937db1ac_d6404e0a-7afd-4279-b56f-19b0f9b2138c

Sun, February 25, 10:00 AM

Camp Riverbend, Warren

Camp Riverbend Open House

Carousel_image_087643a04f42d6d72cbf_tapevents_rockette

Sun, February 25, 11:00 AM

The Connection, Summit

Rockette Style Workshop Series

Arts & Entertainment

Summit Fire Department Blotter

01/01/2018 9:26 am     FD dispatched to a motor vehicle accident, car vs. pole in front of 196 GLENSIDE AVENUE.  On arrival occupant was out of the vehicle.  Summit EMS assumed patient contact. FD made notification to the power company to make repairs.  Summit PD remained on scene for traffic control and road closure until repairs were made.

01/02/2018 7:36 pm ...

Summit Police Blotter

February 12, 2018

2/1 - At 0955 hours a report was taken for a theft of a street sign. The unlawful incident occurred between an unknown time frame on Pine Grove Avenue. Value of the street sign was not immediately available at the time of the report.

2/5 - Roberto C. Noel-Berman, 23, of Summit was arrested and charged with possession of CDS. Mr. Noel-Berman was released with a pending court date.

2/5 - ...

Lightbridge Academy in Millburn Hiring Assistant and Lead Teachers

February 23, 2018

If you are passionate about educating and nurturing young minds, you may fit right in with our family! Lightbridge Academy is currently hiring Assistant and Lead Teachers to join our team and grow with us!

If you would like to learn more about the positions offered, you can reach us at 973-218-1800.

Video: Point View's Petrides Says Market Healthy, Strong Despite Sell-Offs

Point View Wealth Management's Managing Director and Portfolio Manager, John Petrides, live on FOX Business News discussing the market sell-off post the release of the Fed Minutes:

video.foxbusiness.com

For nearly 25 years, Point View Wealth Management, Inc. has been working with families in Summit and beyond, providing customized portfolio management services and ...

Is FAANG Long in the Tooth?

Investors love to rally around a stock story. Today it’s all about the FAANG stocks. Facebook (FB), Amazon (AMZN), Apple (AAPL), Netflix (NFLX) and Google (GOOG) are a major reason why the S&P 500 rallied so much in 2017. Mr. Market is convinced the FAANGs are impervious to a sell-off. “Its different this time” is ringing loud and clear, but will the outcome really be that ...

AtlantiCast

AtlantiCast: Episode 12

On this week’s episode of AtlantiCast, decade of excellence makes headlines, as Atlantic Health’s place on Fortune Magazine’s 100 Best Companies to Work For List leads off the newest episode of AtlantiCast. Also on this week’s show, check out the newest “hybrid” operating room at Morristown Medical Center and find out how Atlantic Health is helping local ...

Let the Games Begin

I am truly awed by the Olympics.  Watching these superb young athletes on TV inspires me to renew my membership to the gym and pursue my lifelong dream of taking home the gold.  

 

The problem is that in my deluded head, I can see actually see myself standing atop the podium.  I am wrapped in a puffy designer ski coat with a huge piece of bling slung around my neck ...

Movies! Movies! Movies! - Three Ways to Enjoy Movies

Most people who use the Summit Free Public Library are familiar with our video collection: thousands of DVDs and nearly 800 BluRays -- and growing!

In addition to recent box-office hits and Hollywood classics, we have foreign films, anime, and musical performances from Aida to ZZ Top. Binge-watch a must-see TV series, discover a new one, or introduce your kids to your childhood ...