Following the Hillary Clinton email scandal, you would have thought people in positions of authority would be more careful about using personal email accounts. Well, you’d be wrong!
A recent report stated that non-governmental personal accounts associated with the Director of the CIA, John Brennan, were hacked by a supposed high school student. Brennan’s personal email AOL account held information on more than a dozen top American intelligence officials, a government letter about the use of “harsh interrogation methods” on terrorism suspects and a 47-page application for top-secret security clearance. Basically, information that you would not want leaked into the public sphere.
The hacker also claimed to have accessed the Comcast account of the Department of Homeland Security Secretary, Jeh Johnson. If true, this will prove to be yet another embarrassing case of high-ranking officials not taking email seriously.
The FBI and other federal agencies are currently investigating this matter, but the alleged hacker, when interviewed by the New York Post, has said that he has yet to be contacted by any law enforcement authorities. One source investigating this case was quoted as saying that this shows people of an older generation simply don’t consider cybersecurity to be important. The hacker has described himself as politically motivated and against the US government’s foreign policy towards Palestine.
This again highlights the risk of government officials using personal email addresses. Hillary Clinton may have used her own account for work purposes, with information still leaking out to the press, but there has been growing concern that officials keep using their personal email for non-governmental reasons on company computers.
The problem is that personal email addresses are relatively easy to hack as they exist outside of the protections a .gov email address has. The hacker allegedly used a simple tactic called “social engineering” to hack Brennan’s account. This involves collecting publicly available information on a person and using it to, in essence, personalize an attack on his/her email accounts. In this case, the hacker supposedly tricked Verizon employees into giving him Brennan’s information and got AOL to reset his password. This technique has been used successfully numerous times, with a high profile case occurring in 2008 when the email account of Sarah Palin was hacked by answering her simple security questions.
Will this new email scandal cause everyone to start using email more responsibly? No, but that doesn’t mean that YOU shouldn’t.
Email is NOT a disposable communication tool and there can be serious repercussions if you don’t treat it with respect. For more information, check out our articles on making sure your work emails don’t get you in trouble and how just one poor business email can damage your company’s reputation, as was the case with the Sony scandal at the end of 2014.