The DNC Has Been Hacked - How Did it Happen and What Lessons Can We Learn from It?

EAST BRUNSWICK, NJ -  The security compromise and recent leak of thousands of Democratic National Committee (DNC) electronic messages should serve as the latest reminder of how terribly exposed our digital lives leave us and our private information. If a large, well-funded organization as powerful as the DNC cannot protect its sensitive communications, how can any of us ever expect to protect our own communications and personal data?
What Was Hacked?
An extensive file containing sensitive information about Republican Presidential Candidate Donald Trump was hacked from a DNC network server and subsequently posted publicly on the internet on June 15. The information first appeared on the anti-secrecy website WikiLeaks. The hack of the DNC server was quickly attributed by law enforcement to what appears to be foreign state-sponsored hackers connected to Russian intelligence. Among other things, the files exposed the DNC’s non-neutral preference (and potentially biased activity in support of it) for Hillary Clinton to win the Democratic Presidential nomination over Progressive Democratic candidate Bernie Sanders.
The leaked file included internal DNC emails, text messages and a 200-page book of opposition research assembled about Trump. The sensitivity of the information as well as the timing of the leak has resulted in what some are describing as a rough start to the Democratic National Convention in Philadelphia. The compromise has already resulted in the resignation of DNC Party Chairwoman Debbie Wasserman Schultz. It has also reignited the fire and criticism from Sanders supporters during a period when the Democratic party was hoping to unify all of its constituents.
How Does a Security Compromise Like this Happen?
Organizations including the RNC and the DNC have invested heavily in the latest security technologies with the goal of securing their computing networks and connected devices. They’ve also developed, documented and implemented policies and procedures that help them to operate securely and meet legal and regulatory requirements. Yet losses to security breaches for these same organizations continue to occur. This is almost always the result of a lack of security savvy among the organization’s Internet-connected users. All too often security breaches like the one at the DNC are caused by users doing something that they shouldn’t do such as clicking a malicious link in an email message, opening an infected email attachment or visiting a website that is tainted with malware.
What Kind of Cyber Attack Was This?
Almost all legitimate sources say that the DNC hack was likely the result of a Phishing exploit. Phishing exploits attempt to acquire sensitive information such as usernames, passwords, credit card details, money or intellectual property by simulating a trustworthy source in electronic communication. Communications pretending to be from popular social media sites, email platforms, banks, payment processors, IT administrators and other trusted sources commonly are used to lure victims. Phishing emails often contain links to websites that are infected with malware. Phishing attacks often direct users to enter user names and passwords at fake websites whose look and feel are almost identical to the legitimate one they are mimicking. Phishing is just one type of social engineering technique used to deceive users, but it remains among the most dominant and effective attacks being used by cyber-criminals today.
How can the Average Person Avoid Falling Victim to a Similar Attack?
The only way to stay protected from these type of threats is to exercise good judgement and extreme vigilance when it comes to internet use. Security implications should always be considered when doing any kind of computing. Be skeptical of every email, text and instant message that you receive. Examine them carefully to verify the legitimacy of the source. Examine URL’s to ensure they are not malicious spoofs. This thinking needs to be applied when using any type of connection and every device.. at work, at home and when out and about as well. Here are a few additional tips worthy of consideration:
- Regularly update software;
- Be skeptical of every email, text and instant message;
- Use 2 factor authentication whenever it is available;

- Use encryption whenever possible;
- Connect on trusted, secure networks only;
- Use lock-out schemes when devices are idle;
- Selectively choose applications and terminate permissions for applications not used; and
- Avoid losing devices by keeping them close.
Education is equally important, Because of this, parents and older siblings of children should teach kids about acceptable usage and cyber-security threats when they are first learning to access and use the internet. Children are smart and a little coaching will position them to properly recognize and avoid cyber-threats.
Prior to the existence of the internet, criminals had to physically spy on or attack their prey, break and enter, intercept mail or dig through garbage to steal personally identifiable information and communications. . Now that most of society’s information is available and exchanged with the ease of a click online, criminals leverage the internet to steal communications, account credentials, money, identities, sensitive intellectual property and private data. Today, cyber-criminals can anonymously deliver their attacks anonymously with a basic computer and internet connection right from the comfort of their own homes or from anywhere else in the world. They’re also able to attack hundreds, if not thousands, of potential victims at a time with the simple click of a mouse.
I saw a recent interview with James Comey, the current FBI director, that really resonated with me. He said that people should treat their e-mail box like they treat their home. If somebody knocked on your door at 2 in the morning, you wouldn’t just open the door and let them in. You would ask who it is, look out the window and try to vet who it was. The problem today with cyber-security is that people will receive a message, they click on a link, they open an attachment, they really don’t think where these things are coming from. It is important to know the source of these messages. It is not just e-mails. It is anything with instant messaging, social media and the like. Most security compromises happen because somebody is does something that they shouldn’t do. They open a link, they open an attachment from an e-mail from a dubious source. Once they do that, a malicious payload is in their system and that could lead to the type of debacle that the DNC is now experiencing.
The DNC hack is the latest reminder of how terribly exposed we are when we use the Internet. By exercising good judgement and vigilance we can improve our ability to avoid falling victim to hackers online.
Jeff Bernstein is an East Brunswick resident and the managing director of the T&M Protection Resources Cyber Security Advisory team. T&M is a security solutions provider that focuses on the protection of people, property and information. Bernstein has over 17 years of experience leading organizations dedicated to the protection of critical electronic computing infrastructure. Reach Bernstein at
 The Guest Column is our readers' opportunity to write about a given issue or topic in an in-depth and educational manner.
The opinions expressed herein are the writer's alone, and do not reflect the opinions of or anyone who works for is not responsible for the accuracy of any of the information supplied by the writer

 The Guest Column is our readers' opportunity to write about a given issue or topic in an in-depth and educational manner.

The opinions expressed herein are the writer's alone, and do not reflect the opinions of or anyone who works for is not responsible for the accuracy of any of the information supplied by the writer.

TAP Into Another Town's News:

You May Also Be Interested In

Sign Up for E-News


To Our Current and Future Representatives

July 17, 2018

To Our Current and Future Representatives - Wherever They May Be:

We can never forget we are a nation of immigrants. 

We cannot fall prey to fear, ignorance and anger when we  have been historically driven by freedom and justice. 

We must have the courage and will to fight hate, bigotry and prejudice. 

We must not wake up to what we hoped was a bad dream and ...

Upcoming Events


Sun, July 22, 8:00 AM

Summit Summer Farmers Market, Summit

Summit Farmers Market

Community Calendar Food & Drink Green Health & Wellness


Sun, July 22, 5:00 PM

Central Presbyterian Church, Summit

Summer Outdoor Worship with BBQ

Arts & Entertainment Religions And Spirituality


Mon, July 23, 7:45 AM

17 Kent Place Boulevard, Summit

Monday Morning Yoga

Health & Wellness

Summit Police Blotter

July 9, 2018

6/19 - Peter Ferguson, 31, of New York, New York was arrested on a contempt of court warrant out of Point Pleasant Beach. Mr. Ferguson posted bail and was provided a new court date.

6/22 - At 1552 hours a report was taken for a theft of one thousand (1,000) mops from Overlook Hospital. The reporting individual indicated the theft occurred between 6/10 and 6/21. Taken from a storage area ...

Audio: Point View's Petrides Details Three Things to Watch During Earnings Season on 'Wall St. Unplugged'

July 20, 2018

Point View Wealth Management's Managing Director and Portfolio Manager, John Petrides, on Wall Street Unplugged discussing portfolio positioning during earnings season:

For more than 25 years, Point View Wealth Management, Inc. has been working with families in Summit and beyond, providing ...

Video: Point View's Dietze Says Valuations, Buybacks, Dividend Make Financials Attractive

Point View Wealth Management's Founder, President and Chief Investment Strategist, David Dietze, appeared live on CNBC detailing the outlook for financial stocks and more:

For more than 25 years, Point View Wealth Management, Inc. has been working with families in Summit and beyond, providing customized portfolio management services and comprehensive ...

Picking up the Pieces – The Benefits of Account Consolidation

Over a lifetime of investing we often have numerous accounts located at different financial firms.  Rarely are these accounts managed with a grand plan that takes into account all the individual pieces.   Account proliferation can be detrimental to your investment performance, increase your risk profile, and lighten your pocketbook.  

Account consolidation offers the ...


AtlantiCast: Episode 18

On this week’s AtlantiCast, you’ll find out how accessing care at Atlantic Health System is now easier, more affordable and closer to home than ever, learn which item from the produce aisle could be the newest weapon against cancer, see what Atlantic Health System, the New York Times and Instagram all have in common and much more.



Are You Ready for Your Child to Turn 18?

If your son or daughter is turning 18, here are a few things you need to know:

If you have an UGMA/UTMA savings account for your child, did you know those assets are his/her legal property and once that instrument matures (most often 21 years old or 18, if you designated that at time of account creation), those assets are at your child’s disposal with no restrictions or ...

Would Shedding

How much wood wouldn’t a woodchuck chuck if a woodchuck could chuck woodn’t?


Enough already.  


I get it.  It is an easy mistake to make, misusing would and wouldn’t.  It happens to me all the time.


“Honey, when I said I didn’t see any reason why I would go to the ballet, I meant to say I couldn’t see ...