First, the Panama Papers, then the Clinton email controversy, and now the Democratic National Committee’s (DNC) server hacking scandal. The lack of cybersecurity and protection in these events leaves international and government cybersecurity firms wondering when will the breach be enough to start discussing increased cybersecurity? The worst part: computer incident response and forensic cybersecurity analysts allege that the source of the DNC server hack stems from Russia.
If you are tired of all the updates, scandals, and cybersecurity faux pas you are likely not alone. The real question is what are corporations, organizations, financial institutions, and the government doing about it? How many more leaks, attacks and hacks have to be perpetrated in order for cybersecurity to be discussed on a more intimate level?
After initial computer incident response services were conducted by United States-based government cyber security firms, it was confirmed that the hackers had access for a year and it was only until recently that anyone realized that the DNC server hack had even taken place.
News outlets are saying that reports found that nothing of value was even taken after the DNC’s servers hack, which should be a relief. However, the issue still remains that the system was not secure. What no one seems to be talking about is the cybersecurity aspect. After something as big as the DNC server hack, government cybersecurity agencies would expect cybersecurity to be at the forefront of discussion, but it hasn’t.
This raises additional suspicions. If we were to speculate, why would someone go through the trouble of a DNC server hack if they did not want to steal anything? Likely, something was stolen but the information is not being released.
According to Akash Desai, cybersecurity expert at ERMProtect: “In the cybersecurity world, stealing the Queen’s crown is not required – even a copy of the Queen’s crown can be stolen and the impact is the same.”
Additionally, what’s to say that Trojans and malware was not left behind to further compromise the server, even at this point long after the attack.
Computer incident response and forensic cybersecurity is an integral part of ERMProtect's services, including incident response retainers. These are fantastic services to acquire, but prevention is better than a cure, and an incident response analysis will help prevent future leaks and stop current ones. Nothing can compare to actual cybersecurity, penetration testing, and threat management in order to prevent cyberattacks and information breaches.
