A month after former US Secretary of State Colin Powell’s personal emails were leaked and just days before the third and final Presidential debate, Hilary Clinton’s campaign manager, John Podesta, has seen his private emails spread like wildfire and his Twitter account hacked. This latest high profile attack highlights the necessity to eliminate passwords says Dave Worrall, CTO at Secure Cloudlink.
Worrall comments: “Data breaches have dominated business headlines for months, usually involving a multi-million pound organisation losing a lot of information that affects a huge number of people. The severity of this hack depends on your political leaning, but just days before the final debate, it is beyond just embarrassing for Hilary Clinton’s campaign manager’s Twitter account to be posting “I've switched teams. Vote Trump 2016.Hi pol”. While the content of his emails and the tweet have sparked much debate, the more critical issue is the cause of the attacks. In that sense, it’s time for everybody to ‘switch teams’ and eliminate the use of passwords.
Following the Colin Powell email hack in September, it is evident that experienced hackers are not merely using stolen information for potential financial reward, but to exploit political angles and sway American voters in the midst of a Presidential election.
This is once again evidence that the appetite for stolen data is only going to continue to grow. The explosion of businesses transacting online, social media sites, mobile devices and applications in the workplace have seen huge data hacks involving giant organisations, most notably the reported 500 million account credentials from Yahoo. Now high profile celebrities are equally of interest to hackers after recent reports of Pippa Middleton, Jennifer Lawrence and Mo Farah having all had their personal information stolen.
Politicians across the world will be deleting their email histories, photos and any messages that may lead to them making the front pages. They will all be told to change their passwords as the best way to prevent a hack from happening to them.
Worrall continued: “Merely changing your password and deleting previous emails in not the answer. Passwords are no longer fit for purpose, incidents like these are no longer just expected but inevitable under the current system.
“It hasn’t yet been revealed how John Podesta’s emails were hacked, but it has been reported that his password, which was leaked on WikiLeaks, may have been repeated on various accounts. Even though Mr. Podesta’s private email archive was protected by a password, which was probably selected with care and diligence and may have been complex and unique, the hack still occurred. It doesn’t matter if passwords are stored in an encrypted format, they can still be stolen and the encryption cracked.
“Most current password security systems for applications and websites are flawed. The issue continues to worsen and shows no sign of stopping, merely integrating itself in other ways. It’s very concerning if the trend is moving from big organisations to high profile personalities as information about individuals being leaked could lead to more physical dangers.
“There have been too many wake up calls and passwords have evolved into an indefensible means of authentication and instead of trying to find better solutions, governments have continued to operate under a system of password proliferation across multiple, often incompatible systems. The time is now right to rethink the entire concept of the password, each of us are unique, so we need a unique solution,” Worrall concluded.