CoreTech Blog

CoreTech Blog

CoreTech has been serving the Bowling Green area since 2006, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

If a Teen Can Hack the CIA, Your Business Needs to Prioritize In Security

b2ap3_thumbnail_cia_hacked_400.jpgWe write about cyber security all of the time, and for good reason. You need to be sure that your organization’s defenses are bulletproof, or at least optimized for maximum security. A recent debacle in the United States serves as a reminder that even high-level, super-secret government accounts can be hacked, like this story from the Central Intelligence Agency (CIA).

As reported by WIRED, CIA Director John Brennan was the victim in question. His AOL account was broken into by a hacker who claims that he weaseled into Brennan’s account by posing as a Verizon worker. In other words, the hacker used a targeted spear phishing tactic, in which he posed as a worker, to trick another employee into handing over information required to access Brennan’s account. In this case, it was the last four digits of Brennan’s bank card.

The teenage hacker and his associates then proceeded to change the password on Brennan’s email account, and gained access to his inbox, which contained secret government documents from Brennan’s work email address, which he forwarded to his personal inbox (a practice that’s highly frowned upon in matters of government secrecy - just ask Hillary Clinton). According to WIRED:

After providing the Verizon employee with a fabricated employee Vcode—a unique code that he says Verizon assigns employees—they got the information they were seeking. This included Brennan’s account number, his four-digit PIN, the backup mobile number on the account, Brennan’s AOL email address and the last four digits on his bank card.

“[A]fter getting that info, we called AOL and said we were locked out of our AOL account,” he said. “They asked security questions like the last 4 on [the bank] card and we got that from Verizon so we told them that and they reset the password.” AOL also asked for the name and phone number associated with the account, all of which the hackers had obtained from Verizon.

The scary part of this entire situation is that the victim wasn’t at fault for the data breach. This situation just shows how easy it is for hackers to obtain sensitive information that they can use to infiltrate your systems. Security questions like “What is your mother’s maiden name?” or “What was your first pet?” are easy enough to answer for a hacker that’s hell-bent on stealing your information.

A solution to this dilemma is to take proper security precautions that are designed to keep hackers out of your accounts by utilizing several security layers. The first step toward implementing this is to use a strong password that’s made up of several different letters (both upper and lower-case), numbers, and symbols. Strong passwords make hacking into an account significantly more difficult, even for seasoned hackers.

The second step is to integrate two-factor authentication for your accounts. Two-factor authentication requires a secondary credential in addition to your normal login credentials, making it that much more difficult for hackers to gain access to your account. These credentials are usually sent to your smartphone in the form of a SMS message, an automated voice message, or even to your secondary email account. In other words, hackers need physical access to your device in order to obtain this credential.

CoreTech can help your organization set up the two-factor authentication solution that your business needs in order to maintain top security protocol. Just give us a call at (270) 282-4926 and ask us what we can do for your business.

Look Beyond Your Current IT Needs to Find Future S...
Tip of the Week: 3 Considerations to Make When Set...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Tuesday, 17 December 2024

Captcha Image

About CoreTech

CoreTech has been serving the Kentucky area since 2006, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses. Our experience has allowed us to build and develop the infrastructure needed to keep our prices affordable and our clients up and running.

get a free quote

Recent News

Last week, we discussed why X—the social media network once known as Twitter—has been losing many users. Here, we wanted to direct those seeking a move to consider the up-and-coming platform known as Bluesky in case you were one of those jumping ship...

Contact Us

1711 Destiny Lane Suite 116
Bowling Green, Kentucky 42104

Mon to Fri 8:00am to 5:00pm

[email protected]

(270) 282-4926


Nashville Managed IT
Louisville and Lexington Managed IT
Bowling Green Managed IT
Clarksville Managed IT