DNC Hack Serves As Cautionary Tale For IT Pros - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Comments
DNC Hack Serves As Cautionary Tale For IT Pros
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 3 / 3
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
7/27/2016 | 5:55:31 PM
Re: Who Hacked the DNC?
It is worth noting that officials are still officially referring to this as a "leak" and not so much a "hack."  The NYT and others are still referring to the notion that it was a hack as "unconfirmed speculation."  (And a leak/insider attack isn't so far-fetched, considering the circumstances.)

All we definitely know for sure?  WikiLeaks got a hold of the emails and released them.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
7/27/2016 | 5:52:06 PM
Re: email matters
@Michelle: The key, of course, is to do this in a way that is still respectful -- and perhaps even a little apologetic and/or deferential.  Otherwise, you run the risk of what I've seen happen in other organizations: The staff is well-trained, but they come to resent and disrespect IT and all its security measures -- resorting to workarounds, Shadow IT, etc.
jastroff
50%
50%
jastroff,
User Rank: Ninja
7/27/2016 | 11:58:44 AM
Who Hacked the DNC?
That's a big hack 

Who did it? Local? The Russians? 

Any thoughts? and will we ever know?
jastroff
50%
50%
jastroff,
User Rank: Ninja
7/27/2016 | 11:55:21 AM
Re: email matters
Really interesting and worthwhile idea -- if companies can afford it. 

I wonder if SMBs or others can accomplish it through immediate online learning or skype session

 

>> complete an on-the-spot 5-minute (or so) training on security -- reduces successful phishing attacks by 75%.
Michelle
50%
50%
Michelle,
User Rank: Ninja
7/26/2016 | 11:42:28 PM
Re: email matters
That sounds like a great idea. I'm sure plenty of those who click feel a little humiliated at first, then learn that all-important lesson of DO NOT CLICK. I've worked in offices where several users stuggled with computers. I saw multiple rebuilds over the years. The users seemed to click on everything they shouldn't and with regularity.
Technocrati
50%
50%
Technocrati,
User Rank: Ninja
7/26/2016 | 3:50:11 PM
Breeches and Delusions of Security

 "...organized cyber-criminals have the potential to infiltrate any organization they have on their radar." 

 

This is the real issue.  When I hear of another breech, I wonder what happened to all the security experts who are just so proud to claim that they are just that - an expert.   The fact is as noted within this piece is that hackers will always be a couple of steps ahead of companies.

 

If your company hasn't been hacked, it is not because of all the pompous security experts out there - it is simply because the Hacker has not identified you as a high value target.

Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
7/26/2016 | 2:56:18 PM
Re: email matters
I remember a stat from SECTF's Chris Hadnagy from a few years ago that found that sending "phishing" emails to your own employees -- which, if they click through and fall for them, then force the employee to complete an on-the-spot 5-minute (or so) training on security -- reduces successful phishing attacks by 75%.
Michelle
50%
50%
Michelle,
User Rank: Ninja
7/26/2016 | 11:42:51 AM
email matters
I'm glad to see this article posted about cyber security. So often, email is taken for granted and secured with weak or shared passwords. 
<<   <   Page 3 / 3


The State of IT & Cybersecurity Operations 2020
The State of IT & Cybersecurity Operations 2020
Download this report from InformationWeek, in partnership with Dark Reading, to learn more about how today's IT operations teams work with cybersecurity operations, what technologies they are using, and how they communicate and share responsibility--or create risk by failing to do so. Get it now!
Commentary
The Best Way to Get Started with Data Analytics
John Edwards, Technology Journalist & Author,  7/8/2020
Slideshows
10 Cyberattacks on the Rise During the Pandemic
Cynthia Harvey, Freelance Journalist, InformationWeek,  6/24/2020
News
IT Trade Shows Go Virtual: Your 2020 List of Events
Jessica Davis, Senior Editor, Enterprise Apps,  5/29/2020
Register for InformationWeek Newsletters
Video
Current Issue
Key to Cloud Success: The Right Management
This IT Trend highlights some of the steps IT teams can take to keep their cloud environments running in a safe, efficient manner.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll