CIA Director John Brennan’s personal email was hacked. How would you comment on this, is this just an embarrassment or is this something more, does it have some broader security consequences in your opinion? Read few comments.
The hacking of any intelligence official’s personal e-mail is a big deal. It makes targeted e-mail attacks in their network easier, like spearphishing, which is useful to criminal and spies alike. While a hacker might not be able to easily gain access to an official intelligence agency e-mail account, personal e-mail accounts can be an exploitable vulnerability in an official’s otherwise well-defended electronic life. These kinds of personal exploits matter because they can lead to bigger official vulnerabilities over time, depending on who is behind the hack. Many of the defense network and hardware vulnerabilities we explore in our novel Ghost Fleet could easily have started out with hacks like this that led, over time, to greater exploits by an adversary.
Tobias Feakin, Director, International Cyber Policy Centre & Senior Analyst, Australian Strategic Policy Institute
It seems that the hack is being reported to have been conducted by a teenager. We often seen hackers looking to hit high profile targets to illustrate their skill. However, in this case the information being leaked is embarrassing for the US. The most revealing document is some background information from a 2008 security clearance, including details of friends and associates. Of course you’d have to ask the question why this was on a family email account. Really half the battle is understanding the sensitivity of information that you have on your computer and online and acting accordingly, so for the CIA director to be hit like this isn’t a good look off the back of the OPM breach where over 22 million records were stolen.
Camino Kavanagh, PhD Candidate, Department of War Studies, King’s College London
Evidently there are security implications with these kids having accessed or published files such as the draft security clearance doc. Perhaps of more concern is the social engineering tactics they used to gain access to the account. They demonstrate that Brennan was not lackadaisical in securing his private account but rather that these hackers could con and trick Verizon personnel into handing over the personal details that ultimately gave them access. This is an age old trick but a major challenge to companies across the globe and in my opinion, the case will only serve to further undermine trust between different actors in society.
Gabriel Weimann, Professor, Department of Communication, University of Haifa
This case, which may not cause a real serious damage, is an additional indication to a more serious threat:
The motivation of modern terrorists to use hacking and cyber-attacks and moreover, their ability to launch such attacks.
As I warn in my new book (published in New York 3 month ago, entitled Terrorism in Cyberspace: The Next Generation), this is one of new threats of terrorism: cyberterrorism. When attacks will be launched by keyboards and mouse and not bombs or knives.