5 ways to prevent email hacking from damaging your public life – GCN


5 ways to prevent email hacking from damaging your public life

As the midterm elections approach, the personal email accounts of politicians and their employees become prime targets for hackers. According to a September report in the Washington Post, Senator Ron Wyden (D-Ore.) Argued that Senate and staff emails were under attack, but because these hacking attempts did not involve devices or official accounts, they were beyond reach and authority. Cyber ​​security experts from the Hill.

It’s incumbent on email users at all levels of government – local, state, and federal – to better understand how to protect themselves from the prying eyes of bad actors. Without this understanding, current and future government figures will find themselves exposed to a repeat of the hack episodes of 2016, where stolen email data fell into the public domain, causing irreparable damage to public trust.

Here are five simple steps to reduce the risk of email hacking.

1. Know the vulnerabilities inherent in emails. Because it’s typically sent in plain text, an email that’s not completely encrypted can be read by anyone, including hackers. Think of it as a modern day postcard, where anyone can see what is written. To fix vulnerabilities in this digital postcard, users must encrypt everything – all email, metadata, subject lines, files, and anything else related to the email – to ensure private communications.

2. Use unique encryption identifiers for all. Encryption credentials for each data packet sent minimize potential single-message attack surfaces, which should be reassuring to those in the public eye, whose match is relatively easy to identify and isolate. for hacking or phishing. Unique credentials ensure that brute force attacks against a targeted individual will only compromise a single message, forcing hackers to decipher the entire thread to get what they are looking for.

Hackers can track emails for months – identifying patterns and flows, times of day, recipients and senders – to understand how emails are being used. Over time, this knowledge could lead to phishing efforts specifically tailored to key people. The content of emails, such as the names of children or pets or other personal information, can give hackers clues about possible passwords.

3. Maintain an audit trail. An unfortunate consequence of email hacking is that public figures find themselves in court, distrusting each other over what they said, to whom, when, and through what channel of communication.

For this reason alone, politicians, candidates and support staff need recordings of all communications. They should have read acknowledgments for each exchange in order to prove that an email was received and read and to eliminate the possibility of rejection.

4. Understand the limits of security. Many people mistakenly believe that moving to the cloud eliminates security concerns. In fact, cloud service providers don’t necessarily have control over what is used beyond the firewall, whether by the recipient or the sender.

Within an organization, it is easy to encrypt the content of emails. Encryption and decryption keys are kept in the firewall. At the edge of the firewall, however, messages can be decrypted and sent in plain text. By not understanding what is going on in the encryption process, errors can occur, especially if users place their trust exclusively in the hands of a cloud provider.

5. Beware of passwords. Most data-in-transit protection technologies use passwords, but passwords themselves are the most common targets of hackers.

Ideally we would all have a ‘one-time, forever password’ that I could send you something with, tell you the password so you can decipher the first message, and then whatever we send to each other is encrypted. .

In the real world, however, we need multi-factor authentication – a combination of a password and other factors to strengthen the security perimeter. Without it, the best security in the world is easily overcome.

Government officials may not be aware of the risks they face when using email. But if they learn how to protect their communications, they can mitigate security risks.

About the Author

Mark Forrest is CEO of Cryptshare.

Source link

June J. Lopez

Leave a Reply

Your email address will not be published.