Democratic National Committee headquarters, Washington, D.C.
Democratic National Committee headquarters, Washington, D.C. (Photo: Mark Van Scyoc/Shutterstock.com)

The 2016 presidential election had its share of surprising and alarming moments, but none more so for cybersecurity experts than the summer’s hack of Democratic National Committee email servers, along with email accounts of prominent Democratic leadership. A hacker operating under the moniker Guccifer 2.0 leaked the emails to WikiLeaks, which subsequently published an archive of the stolen emails.

Confusing matters slightly, consulting cybersecurity groups such as CrowdStrike examined emails associated with the hack and found that not only was there some evidence of Russian state involvement, some of the documents released through WikiLeaks may have been doctored and integrated into the breached emails.

The DNC hack may have marked a shift in the threat landscape for large organizations and enterprises, according to many in the cybersecurity community. Steve Chabinsky, general counsel and chief risk officer for CrowdStrike, said the company saw a couple of distinct markers in its investigation of the breach.

“When I look at the DNC hack, what I think is unusual about it and is likely to become a trend is use of hacking as a means of creating influence operations and brand disruption,” Chabinsky said. These two motives, he added, differ from the more commonly recognized goal of cyberattacks on businesses: acquisition of data, be it customer account credentials or trade secrets, that leads to financial gain for hackers.

Brand reputation has been a question for many following the highly publicized Yahoo customer data breach earlier this year, which drew concern and a possible revaluation of its $4.8 billion deal with Verizon.

Chabinsky said the DNC hack may signal a ramping up of corporate influence and reputation-based attacks, and companies should start looking to reconsider what vulnerabilities lie in these motives.

“The concern, looking at this from the lens of the private sector, is: How do you go up against an organization, whether they’re a criminal group or a foreign country, that would get into your system not to benefit from the data they steal, but to use that data for the purpose of influencing your operation and destroying your brand?” he asked.

This may require a shift in the ways that corporate leaders determine what information is critical to safeguard and what can be left vulnerable. K2 Intelligence senior managing director Austin Berglas said companies need to “shift from a normal security mindset away from protecting what we’ve always wound up having to protect into [looking] at what could do damage to the organization.”

This may mean shifting away from keeping the heaviest restrictions on source code and proprietary data and looking outward into companies’ other risky data. Berglas and Chabinsky both agree that the DNC hack demonstrated that email should be high on the list of potential threats to a company’s value.

Joe Whitley

“Email is one of the most vulnerable things we do every single day because it’s completely internet-facing,” Berglas said.

David Katz, a partner at Nelson Mullins and head of the firm’s privacy and information security practice group, said the hacks may force organizations to reckon with the broader issue of email content.

“The way we communicate now is electronic, and that in and of itself creates risk because it makes a record that is potentially discoverable,” Katz said. That, he said, requires that companies and other organizations not only take steps to secure their data and prepare for breaches, but also to think about what kind of sensitive data they may be producing without thinking.

“If you’re engaged in very sensitive communications, I think you should almost assume that they’re not going to be secure, especially if they’re in the context of something that’s potentially controversial or that folks might have a reaction to out of context,” Katz said.

Joe Whitley, a shareholder at Baker Donelson and chairman of the firm’s government enforcement and investigations group, thought that both the publicity generated by the DNC hack and its potential impact on the outcome of the presidential election may encourage companies to reconsider their dependence on electronic communications altogether.

“I think it may change how people communicate,” Whitley said. “You may see more use of the phones for communications and maybe even old-school written communications may come into play.”

Berglas approached the issue with more skepticism toward companies’ willingness to migrate away or even moderate use of email accounts.

“No matter what the policies are, most people are probably going to put sensitive information in email because it’s just the way people are. They obviously take accessibility over security,” he said.

If this proves to be the case, companies will need to step up their crisis management game, starting with company leadership, Chabinsky said. “The awareness that this is possible needs to be in the back of the minds of business management teams so that their response can anticipate these as potential issues,” he said.

The 2016 presidential election had its share of surprising and alarming moments, but none more so for cybersecurity experts than the summer’s hack of Democratic National Committee email servers, along with email accounts of prominent Democratic leadership. A hacker operating under the moniker Guccifer 2.0 leaked the emails to WikiLeaks, which subsequently published an archive of the stolen emails.

Confusing matters slightly, consulting cybersecurity groups such as CrowdStrike examined emails associated with the hack and found that not only was there some evidence of Russian state involvement, some of the documents released through WikiLeaks may have been doctored and integrated into the breached emails.

The DNC hack may have marked a shift in the threat landscape for large organizations and enterprises, according to many in the cybersecurity community. Steve Chabinsky, general counsel and chief risk officer for CrowdStrike, said the company saw a couple of distinct markers in its investigation of the breach.

“When I look at the DNC hack, what I think is unusual about it and is likely to become a trend is use of hacking as a means of creating influence operations and brand disruption,” Chabinsky said. These two motives, he added, differ from the more commonly recognized goal of cyberattacks on businesses: acquisition of data, be it customer account credentials or trade secrets, that leads to financial gain for hackers.

Brand reputation has been a question for many following the highly publicized Yahoo customer data breach earlier this year, which drew concern and a possible revaluation of its $4.8 billion deal with Verizon.

Chabinsky said the DNC hack may signal a ramping up of corporate influence and reputation-based attacks, and companies should start looking to reconsider what vulnerabilities lie in these motives.

“The concern, looking at this from the lens of the private sector, is: How do you go up against an organization, whether they’re a criminal group or a foreign country, that would get into your system not to benefit from the data they steal, but to use that data for the purpose of influencing your operation and destroying your brand?” he asked.

This may require a shift in the ways that corporate leaders determine what information is critical to safeguard and what can be left vulnerable. K2 Intelligence senior managing director Austin Berglas said companies need to “shift from a normal security mindset away from protecting what we’ve always wound up having to protect into [looking] at what could do damage to the organization.”

This may mean shifting away from keeping the heaviest restrictions on source code and proprietary data and looking outward into companies’ other risky data. Berglas and Chabinsky both agree that the DNC hack demonstrated that email should be high on the list of potential threats to a company’s value.

Joe Whitley

“Email is one of the most vulnerable things we do every single day because it’s completely internet-facing,” Berglas said.

David Katz, a partner at Nelson Mullins and head of the firm’s privacy and information security practice group, said the hacks may force organizations to reckon with the broader issue of email content.

“The way we communicate now is electronic, and that in and of itself creates risk because it makes a record that is potentially discoverable,” Katz said. That, he said, requires that companies and other organizations not only take steps to secure their data and prepare for breaches, but also to think about what kind of sensitive data they may be producing without thinking.

“If you’re engaged in very sensitive communications, I think you should almost assume that they’re not going to be secure, especially if they’re in the context of something that’s potentially controversial or that folks might have a reaction to out of context,” Katz said.

Joe Whitley, a shareholder at Baker Donelson and chairman of the firm’s government enforcement and investigations group, thought that both the publicity generated by the DNC hack and its potential impact on the outcome of the presidential election may encourage companies to reconsider their dependence on electronic communications altogether.

“I think it may change how people communicate,” Whitley said. “You may see more use of the phones for communications and maybe even old-school written communications may come into play.”

Berglas approached the issue with more skepticism toward companies’ willingness to migrate away or even moderate use of email accounts.

“No matter what the policies are, most people are probably going to put sensitive information in email because it’s just the way people are. They obviously take accessibility over security,” he said.

If this proves to be the case, companies will need to step up their crisis management game, starting with company leadership, Chabinsky said. “The awareness that this is possible needs to be in the back of the minds of business management teams so that their response can anticipate these as potential issues,” he said.