On Dec. 14, The New York Times published a story that chronicled, in part, how Russian hackers purportedly breached the computer network of the Democratic National Committee (DNC) – an attack that proved to be an issue in the 2016 presidential election. While there was a lot of intrigue surrounding the incident, there are also some lessons for businesses as they try to protect their data from cyber-criminals.
Here are five of them (and this is politically agnostic and non-partisan, despite where the criticism may fall):
Cyber-security expertise is critical
The IT contractor who fielded the initial call from the FBI warning of a potential breach was not an expert in cyber-attacks. He responded by doing a quick Google search of a Russian cyber-espionage team the bureau had referenced – “the Dukes” – and performed a hasty search of the DNC computers for signs of an attack. He didn’t find anything. So when the FBI agent kept calling back, he didn’t return the calls, explaining, “I had nothing to report.” This was September 2015. It was not until March 2016 that the committee’s IT team decided the agent did, in fact, work for the government. By then, it was too late. The lesson: Put your data security responsibilities in the hands of someone who has the experience and expertise to do the job right, and give that person the tools needed to fight cyber-crimes.
Companies need to invest in data security
The DNC, a nonprofit organization that depends on donations, had “a fraction of the security budget that a corporation its size would have,” The Times said. Its report quoted the committee’s technology director as saying, “There was never enough money to do everything we needed to do.” It took seven months for the DNC to install a “robust set of monitoring tools.” The lesson: Companies that do not appropriately fund data security are putting their enterprise at risk. Sadly, this is a case where you get exactly what you pay for.
Standard security approaches aren’t enough
The DNC just had the basics – a standard email filter designed to block phishing and malware attacks. For cyber-criminals, cracking that is a cyber-walk in the park. The lesson: Run-of-the-mill software that simply detects viruses, malware, and the like will not deter hackers. You need advanced systems that can quickly and effectively identify suspicious activity.
Beware of phishing attacks
A former DNC field director who was working on Secretary Clinton’s campaign received an email, supposedly from Google, that said: “Someone just used your password to try to sign into your Google account…Google stopped this sign-in attempt. You should change your password immediately.” He clicked the attached link and typed in a new password. Months later, he realized he’d given hackers access to his email account. The lesson: Be suspicious of any emails, attachments, and links – no matter how authentic they may appear – and train employees on how to identify phishing attacks.
Better late than never isn’t a strategy; it’s a recipe for disaster
As noted in a couple of places above, the DNC waited months before determining there was a cyber-attack and installing the necessary security software. That delay proved costly and allowed the hackers to keep moving around inside the DNC’s system. The lesson: Have sophisticated systems, processes, and architecture in place that can not only identify and prevent threats – known and unknown – in real time, but can also eradicate them within minutes rather than hours or days.
In the wake of its investigation, The Times concluded: “The failure to grasp the scope of the attacks undercut efforts to minimize their impact.” That may be the ultimate lesson for any business. Because if you can't find a breach, assess it, and fix it, then “data security” is little more than a contradiction in terms.
ABOUT THE AUTHOR
Mark Elliott is a Best-Selling Author and CEO. His company, 3i International, helps you apply technology to improve performance and compliance. For over 25 years, Mark has been helping startups to Fortune 500 companies overcome the technology challenges they face. He develops strategies to analyze, manage, and adapt to the ever-changing technology landscape. A central focus has been security and compliance. His experience includes preventing, detecting, and responding to hackers and threats. This keeps your organization safe from invasions while simultaneously meeting regulatory compliance.