The hacks perpetrated on the Democratic National Committee (DNC) have provoked angst and concern. Many have made the case this was a Russian operation, although other theories exist. But the full implications about what it means in a turbulent election year have yet to be seen, especially if more leaks are revealed. Akin to the Watergate scandal of more than 40 years ago, the seedy world of political power players is on full display.
As if anyone needed to be reminded, one thing is clear: No system can be 100 percent secured. There is always an element of weakness at some point along the security chain. The fact that this incident has vast political ramifications may make it bigger than other cybersecurity breaches, but the methods used were probably no different than those employed in past hacks, and will be employed again in future hacks.
The age of hackers
What may not be evident to the casual observer is that somewhere between casual hackers (if there is such a thing), rogue cyber criminals, and nation state-sponsored intruders, these actors have now successfully leveraged the power to influence a nation and the world.
For the last year, we heard massive doses of facts and debate over whether Hillary Clinton’s email servers got hacked, whether they were wiped intentionally, or held secret information. We should now be beyond the point of any surprise when any digital secret under the sun gets out some way, somehow. Whether the information involved is political, national-security based, or contains embarrassing relationship secrets (such as in the Ashley Madison hack), it seems inevitable that information will be attacked and in many cases released.
The course forward is imperfect and difficult. Technologies alone have failed organizations and institutions across the globe. The key to creating a better-secured atmosphere for corporations, individuals, and governments is to create a culture of vigilance. For this reason, products that espouse features such as intelligent learning, information-sharing, and artificial intelligence are compelling when they are applied to security products. Security plans should feature multiple levels, but not so many that it becomes a burden.
It is also a great practice to utilize and engage with security professionals of the highest caliber. Conduct penetration tests regularly, audit, analyze, act, and repeat – forever. Only through this course, combined with better security processes, training, and awareness, can these inevitable and ceaseless security intrusions be mitigated. If security is left solely to comprehensive tools, the potential for risk is overwhelming. We see this played out in breach after breach, release after release. And now it is directly affecting a nation that will soon pick its leader for the next four years.