As news that the security of Obama’s emails have been compromised, Itsik Mantin, security researcher, Imperva and Mark James, ESET security specialist explains why human error is still such an important factor when it comes to cyber security:
If we look at security incidents over the past few years we can see that while many of them rely on vulnerable systems (e.g. breaking into an application using SQL injection) an equal (at least) proportion rely on the simple fact that end stations are operated by human beings. In that sense, people who work for the White House are no different than any others. They receive and open emails from people they don’t know (which is probably part of their job), they visit web sites who might be infected with drive-by-downloads and they may even download productivity software that may not have been approved by their IT systems
Furthermore, this is true not only from a victim perspective, but also from the attacker perspective, where insiders like Snowden abuse access privileges for various reasons, ideological or material.While there is no indication that this was indeed the source of the breach, this threat is always there, and its realization depends on motivation and opportunity. There is no good reason to believe that White House network is immune to the threat of user misbehavior, regardless of whether it is intent or negligence. “It is yet again a lesson for all of us that while attempting to avoid infection and penetration we must also have our plans in place to detect and contain an infection or a breach once it happens.
Mark James, ESET security specialist: “The systems of the White House are under attack almost constantly on a daily basis and I am sure that most of these are unsuccessful seeing as only a few of the more sophisticated attacks are anywhere close to succeeding and even less of those actually harvest data that could be used. This particular one gained access to unclassified emails but even the White House has stated that it may contain some information that could be useful as even the president will find it almost impossible to be 100 percent successful in not sending any information that could be deemed useful to someone. They have already stated that their secure systems were unaffected but any information from the president should be treated with the utmost of security.
It would make sense for this to be played down and no surprise that some of the information is released later after any particular sensitive information is useless or out of date. Ensuring all of the presidents’ communications are secure should be of high priority and taking extra care that internal “unclassified” info is also treated with extra security seems to make perfect sense with the president of the USA being such a large cyber target from many cybercriminal individuals as well as organised parties or nation states.