Following the news about ‘White House Email Hacking’, Mark Wilson, Director of Product Development at STEALTHbits Technologies commented below.
Mark Wilson, Director of Product Development at STEALTHbits Technologies:
“Email is often the forgotten platform for data security. In reality,email should be up there as one of – if not the primary – concern.
“Everyone knows and appreciates that file systems contain data, but so do mailboxes. When was the last time you cleared out your mailbox? Not for a while, I guess. Given the relatively cheap cost of storage these days, mailbox limits are getting larger and larger, which inadvertently means mailboxes contain more data – often sensitive data, at that.
“What happens when someone steals data from a file system? They copy it to another device, either a remote device or something like a USB drive. Not very efficient, and reasonably easy to track. However, and this is where email stands apart, email has an inbuilt transport mechanism. You have only to click forward and that email, with all of its sensitive content, could be anywhere on the planet. It could be distributed to a million people direct from the mailbox, before you even know that a breach has occurred.
“Don’t be surprised that email breaches are regular headline stories, be surprised that more focus isn’t place on securing mailboxes in the first place. Another key aspect in this story is that this was not a breach through state sponsored activities, it was a classic insider threat… which is actually the largest type of threat for potential impact.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.