It just annoys the hell out of me every time I hear Hillary Clinton talk about her email, because she says something to the effect that there is no evidence that her email server was ever hacked even though it was poorly secured. This likely speaks to why many of my peers in the IT security business are weary of her even though they are far from Trump fans.
What is even more troubling is that she apparently was clearly aware this can’t be true. Why this torques me off is that there was no tracking on that server so no one can tell whether it was penetrated or not, and that is why the FBI’s report indicated it was probably penetrated.
I saw the same thing with the Manning and Snowden events where the implication in both cases were that these were isolated, but given both people were caught after they disclosed their actions it is likely they are simply the only folks who stole records that went to the media.
This is often the case in a security breach or an embezzlement. The firm acts like the event is isolated, but the lack of controls that enabled the crime are typically not tied to the single individual that was caught suggesting the firm has no idea if there was one person or a thousand involved (well, other than the fact that if the latter was true they’d be out of business).
This is the problem with assumptions: They’ll come back to bite you in the butt and can make you look either dishonest or stupid to folks who do security for a living.
I see this a lot and I think it is worth flagging here because we are entering a very frightening time with nearly 100K estimated Ransomware attacks a day, and the recent DOS DNS server attack that should force us to once again realize we are in an arms’ race we are losing. We can no longer assume we are secure.
I do account reviews when one of my clients points out something I find interesting. One such review was triggered by an update from Varonis [Disclosure: Varonis is a client of the author] where they talked about a security specialist named Stuart who was doing something unusual. The class of product that Varonis makes looks at data access and reports on anything that looks unusual. This is done on email and file servers because that is where we assume the attacks are most likely to occur. But Stuart wrapped all of the firm’s servers with this technology.
Sign up for CIO Asia eNewsletters.