The recent email hacks surrounding Hillary Clinton’s presidential campaign and the Democratic party are heating up the presidential race and showing off some significant security flaws.
According to a report by The Wall Street Journal, the most recent attack on former Hillary Clinton staffer William Rinehart’s email account could serve as a window into how fraudsters and hackers operate. The attack is believed to have been committed by hackers connected to the Russian government, which has repeatedly been accused of meddling in next week’s presidential election.
This latest breach, which divulged emails from Rinehart’s Gmail to a website known as DC Leaks, used a well-known method called “phishing.” While many may expect such a big-time hack to rely on highly sophisticated security infiltration tools, phishing instead uses “old-fashioned trickery” to gain access to sensitive information, according to the report.
The PYMNTS.com Digital Identity Tracker is a month-by-month guide to the digital security world and provides the latest headlines from around the space.
These latest attacks, while simplistic, may expose some big holes in the United States’ cybersecurity policy.
Security analysts have speculated that there has been too much time and money spent focusing on massive attacks that would cause chaos in both the digital and physical realms, often referred to as a “cyber 9/11.” These attacks include catastrophic security breaches that could bring down critical systems, such as power or communications infrastructure, and commonly use methods to attack previously unknown weaknesses, called a “zero-day exploit.”
However, according to experts, simple attacks, such as phishing scams, which have been around for decades, are the most common ways for bad actors to access information they shouldn’t. Email breaches have been a recurring news item this year, and hackers most recently published emails from the account of former Clinton campaign head John Podesta after accessing the emails during a phishing attack.
James Lewis, an expert at the Center for Strategic and International Studies, told WSJ that focusing on these catastrophic events leaves the United States vulnerable to phishing attacks and other more simplistic fraud methods.
“They can’t take us on directly, so they figured out a way to take us on indirectly,” Lewis said of the hackers, while calling on the U.S. to change its security strategy. “The only people who are going to stop the Russians are the American government.”
To download the October edition of the Digital Identity Tracker™, click the button below.
About The Tracker
The PYMNTS.com Digital Identity Tracker™, powered by Socure, is a forum for framing and addressing key issues and trends facing the entities charged with efficiently and securely identifying and granting permission to individuals to access, purchase, transact or otherwise confirm their identity.