It seems as if today nobody is safe from having their email hacked into. Over the last few weeks the emails of George W. Bush, the former President of the US, along with those of several members of his family were brazenly hacked and many of their private and personal communications were made public. This kind of cyber attack is simply far too common, and far too easy to pull off.
In the case of Bush, the hacker went by the nickname of “Guccifer”. This anonymous hacker contacted a well known website and claimed that he had accessed a large quantity of information including some very personal emails that referred to Bush’s recent spell in hospital. These included a number of paintings that Bush had done including some nude self portraits of him in the bath and in the shower. Other information included telephone numbers, addresses and email addresses of many members of his family; various items of correspondence between Bush and Fox News; and most frighteningly the code of the security gate to the residence of a member of the Bush family. In total six different email accounts were hacked into.
So what was the motive behind the hack? While there are certainly national security and espionage implications, it seems that the principal motivation was just for the sport of the exercise; just to show that it could be done. Had it been otherwise, then he wouldn’t have published what he had discovered from the hack.
This is a stark reminder to anyone who uses a public email system that such systems are highly vulnerable. If an email account is protected just by a password and that password can be guessed without too much effort then it is a trivial matter to hack into the account. Although the email accounts of celebrities are particularly attractive to hackers, the same applies to anybody who fails to use email encryption.
The way in which many people use their smartphones creates additional email security vulnerabilities. Rather than keeping the information in their heads, large numbers of people store their email and webmail login information on their smartphones, and frequently don’t even secure their smartphones with a pass code. This means that anyone who gained possession of the phone would have immediate access to all the users private and financial information stored in the owner’s email account.
The only really secure solution is to encrypt all of one’s personal data, files and emails. Simply encrypting a disk drive and using SSL encryption is insufficient; it is the actual data, emails and email attachments that should be encrypted. Meanwhile the federal agencies are on the trail of Guccifer, and according to him not for the first time either.
Be safe, be productive
About the Author: This guest post is authored by Kira from mimecast.com. Kira is a blogger by profession. She loves writing on technology and style.