What does the DNC data breach mean for government cybersecurity?
Jun 24, 2016
The most concerning fact about the Democratic National Committee's recent data breach is that this sort of thing happens all the time. According to Reuters, between 2011 and 2015 the U.S. Federal Reserve alone experienced cybersecurity breaches more than 50 times. In February, cybercriminals also stole $81 million from Bangladesh's New York Fed account, and, during the 2014-15 talks with Iran, the State Department's systems suffered multiple shutdowns.
As a prominent political organization, the DNC offers another alarming example of cybersecurity challenges. The Wall Street Journal reported that two separate breaches occurred, one in the summer of last year, the other in April. In addition to accessing emails and chats, the hackers tapped into opposition research on presidential candidate Donald J. Trump.
Authorities believe two Russian intelligence agencies are responsible, although the Russian government denies its involvement. An individual hacker known as Guccifer 2.0 has since claimed credit, but this statement remains unsubstantiated.
CrowdStrike, the cybersecurity firm hired to handle the DNC hack, has not been able to identify how the data breach occurred. However, The Washington Post reported that the cybercriminals may have employed spear phishing. This technique is a subset of phishing, which hackers use to trick individuals into sharing information by making an email appear to come from a familiar, trusted source.
CrowdStrike's spear phishing theory implies that by obtaining information on which senders specific DNC employees would consider trustworthy, the hackers could have composed seemingly legitimate emails urging the individuals to provide the desired information to them voluntarily. Then, as FBI information on spear phishing suggests, the cybercriminals could link from the email to a falsified official website where they collect this information, or attach a virus allowing them to access the information on the individual's computer. The FBI urges vigilance against phishing, warning that it can affect targeted individuals personally as well as jeopardize their employers.
Developing proactive cybersecurity
Because the DNC is a nonprofit organization, it stood at an increased risk, Politico asserted. For budgetary reasons, small and nonprofit entities are less likely to preemptively invest in cyberdefense measures. In the article previously cited, The Wall Street Journal reported that prior to the breach, DNC cybersecurity was "relatively weak" considering the value of the information it handles. In the face of increasingly sophisticated cybercrime, defensive cybersecurity is of utmost importance, particularly for organizations like the DNC that handle information of value and interest.
The good news is that the DNC hack serves as a call to arms. Government agencies are showing their commitment to combating cybercrime by participating in instructional exercises like the 2016 Cyber Guard training, which involved individuals from the Departments of Defense and Homeland Security, as well as the FBI. This year, Cyber Guard focused on creating an authentic, high-stakes environment in which to test and train the 800 participants' ability to respond to cyberattacks on U.S. infrastructure.
Preparedness for the future of cybercrime is of the utmost importance; as Navy Admiral Michael S. Rogers, director of the National Security Agency and commander of the U.S. Cyber Command, told 2016 Cyber Guard participants, "Every single one of us is going to have to be dealing with this."