The FBI is currently investigating a hack that surfaced the contents of email from the Democratic National Committee (DNC).
About 20,000 email messages were leaked late last week, highlighting officials' favor towards Hillary Clinton and throwing the party into disarray ahead of its 2016 Democratic National Convention. Chairwoman Debbie Wasserman Schultz will resign as a result.
The messages, which were published on WikiLeaks, did not shed any light on who was behind the breach. Clinton's campaign says it believes Russia conducted the hack to benefit Donald Trump, and sources close to the matter claim Russian hackers gained access to the DNC's system.
"A compromise of this nature is something we take very seriously, and the FBI will continue to investigate and hold accountable those who pose a threat in cyberspace," wrote the FBI in a statement, as reported by a number of news outlets.
Regardless of who the FBI finds guilty, this politically charged attack carries a few key lessons for IT pros. If the DNC is vulnerable to having its sensitive content breached and published, your organization could also be at risk.
The Experts Caution Organizations
Following the breach and publication of DNC emails, cyber-security industry experts spoke out about the importance of protecting sensitive data, maintaining email best practices, and having the right response prepared for when an attack takes place.
"This situation demonstrates that all data has value to someone -- even if it's not commercial data," said Mark Kraynak, SVP and general manager of enterprise solutions at Imperva, in an email. Kraynak explained how an attacker may value data more than its owner, at least until the information is compromised.
"Situations like this are a great reminder of the need for all organizations to ensure the security of their data and that they have appropriate response mechanisms in place for the inevitable attack," he continued.
Some security pros say they believe sophisticated hackers will always be one step ahead of the businesses they plan to attack. Brad Taylor, CEO at Proficio, noted a popular lesson within the security space -- once an experienced attacker is on your network, he or she can complete a breach in less than 30 minutes and maintain a presence for over 250 days without being detected.
"Security controls of any organization will never be capable of keeping out a determined adversary," Taylor cautioned. "Like water coming through a screen door on a submarine, they will find a way into any network."
Travis Smith, security researcher with Tripwire, says he expects it will be found that the DNC hack originally started with a phishing email. "Why knock down the wall if you can be welcomed in through the front door?" he asked.
"Phishing, spear-phishing, and whaling continue to be the dominant entry point for attackers, as humans are often the weakest link in an organization's security architecture," Smith explained.
Employees should be cognizant of suspicious email and of how they act online, cautioned Lamar Bailey, senior director of security R&D for Tripwire.
"We do not know the source of this leak," Bailey noted in an email to InformationWeek. "It could have been a hack, weak password, misconfiguration, or even an inside job. Regardless, the same things can happen to any business."
In terms of key lessons IT and security managers can take from these hacks, Bailey emphasized that data needs to be classified, and proprietary or confidential information should be treated with extra precautions.
While the 2016 presidential election has made political candidates like Clinton and Trump prime targets for cyberattacks, organized cyber-criminals have the potential to infiltrate any organization they have on their radar. Is your business protected?