There has been much talk about the Russian cyber attacks against the US Presidential elections in 2016 and others and the release of stolen emails and political campaign information resulting from those hacks.
I've put together this mindmap to demistify how it all happened and to show why it is critical to manage the insider threat / employee risk holistically - alongside your information security and your IT risks.
The mindmap shows that by using open source research and social media the hackers were able to socially engineer members of political organisations and campaigners in order to trick them into clicking on links and allowing the hackers "in" to their networks. From there they were able to gain access to other related organisations and eventually Hillary Clinton's private email server.
The information stolen was then passed to a variety people and groups - all of whom had a use for that information or found value in knowing the content. From political opponents to lobbiest and protest groups. A knowledge of the risks and threats posed and how attacks happen would have gone along way in mitigating these issues.
If you would like to talk more about protecting your business. Get in touch.
Gary is CEO and Founder of ESID Consulting. An Insider Threat & Information Security consultancy.