12/07/2016

2016 – The Year of the Email Pwn

Posts

To say that email hacks rocked the presidential election would be an understatement. We have never seen such widespread, high-profile email hacking on this scale before. Over the past six months alone, we have witnessed the DNC, John Podesta and Colin Powell all fall victim to email hacks, and what’s worse, the contents of their conversations exposed for the world to see via WikiLeaks.  

By the overall scale and scope of these hacks, we wouldn’t be out of line to look at 2016 as THE year of the email hack. With such public hacks, many in business are probably wondering if something similar can happen to them, and how they can protect themselves in the future.

Impact of Email Hacks

Clearly, the impact of these hacks goes far beyond the political landscape. The cat is out of the bag, so to speak, with regard to email security, and people are worried.

In the wake of the hacks, business leaders have shared concerns about email, specifically the fear that their email conversations could become public, similar to what happened to Sony Pictures executives in November 2014. They have seen the insecurity of email up close and are rightfully concerned about it.

This realization has led to broad proclamations from business leaders, such as abstaining from using email altogether, or severely limiting their use. While the fear is understandable, it’s also important to know the facts.

The Truth about Email

In its current form, email is a decades-old system that didn’t have security built in from the beginning. While it might come as a surprise to some, these attacks are just bringing to the forefront what security professionals have known for decades — email that isn’t protected is no more secure than a postcard going through the mail, accessible by anyone while in transit.

This is something businesses need to take into account when evaluating their security needs. Leaving email unprotected means sensitive information can be easily accessed by hackers and criminals. If this happens, companies run the risk of an embarrassing data breach, lost confidence from customers and compliance violations if the company is regulated by federal security requirements.

But, there are easy-to-use tools available to businesses to ensure their email is secure. When implemented, policy-based email encryption can properly scan and secure an email as it leaves a network and travels across the Internet, preventing hackers from reading and misusing intercepted messages and attachments. End-to-end encryption takes that a step further by securing the email in transit and storage, preventing hackers from accessing email even if they break through a company’s secure perimeter.

By understanding the tools available to them, business leaders can hold off on kneejerk reactions and instead focus on ensuring that their organizations’ email communications are secure. Because let’s face it, email is how business gets done — plain and simple. 

A Shot Across the Bow

There’s no doubt that the past six months have been rough on email. While the election is over, email’s insecurity remains. It’s hard to imagine the types of hacks we have been seeing slow down in the near future. Instead, we see them accelerating, targeting the likes of businesses large and small, and even government organizations.

With evidence piling up about the insecure nature of email, we hope many businesses are re-evaluating their email practices and looking into proper solutions for protection. Not only have these hacks played a pivotal role in the election, they are a massive warning for businesses across the country (and world).

The only question is — will we heed that warning and learn from the mistakes we’ve made in this iconic year of email pwnage?

Posted: 12/7/2016 6:00:00 PM by Global Administrator | with 0 comments
Filed under: breach, data, email


Recent Posts

10/19/2017

Three Steps for Superior Cloud Security

View Blog Post

10/17/2017

Is Your Team Putting Your Cybersecurity at Risk?

by Geoff Bibby

View Blog Post

10/04/2017

Updating Your Cybersecurity Strategy to Defend Against Evolving Threats

View Blog Post