If the CIA Director Is Hacked, Is Anyone Safe?

Photo (cc) by christiaan_008

A computer criminal called the New York Post last week to say he’d hacked into CIA Director John Brennan’s personal AOL email account.

Once you get over the shock that the director of America’s intelligence agency was using an AOL account, you’ll realize that the elements of the attack sound all too familiar. Wired’s Kim Zetter reported that the hacker told her he’d tricked Verizon into divulging Brennan’s personal information by pretending to be a Verizon employee. Armed with those personal details, which reportedly included the last four digits of a bank card, the hacker and his partners went to AOL, fooled the service’s “forgot your password” function, and used it to repeatedly reset the password and hijack the account.

Making matters much, much worse: Brennan had forwarded some sensitive (but not classified) information from his work email to his personal email. The hacker said he found a spreadsheet with Social Security numbers, for example.

Sure this story is embarrassing and perhaps even worth a giggle (the CIA director was using AOL?). But there are serious lessons to be learned.

“Forgot your password” is every hacker’s favorite tool

We’ve known this for years. People forget passwords. When they do, there must be a way to recover or reset the password. This method is almost always less secure than the login credentials. The hurdles to reset the password turn out to be something the company knows, and something hackers can learn. Pets’ names. Old girlfriends’ names. At the sophisticated end, the name of your mortgage holder. Or in this case, payment card details. All discoverable.

The lesson for you? When you set up an account and a company asks you to supply answers to those annoying questions, take an extra moment to make it hard on a hacker. Can you make it impossible? Probably not. One trick smart security professionals employ is to lie in their answers (Say your first car was an AMC Pacer when it was a Ford Escort). You have to remember the lies, of course, but lies are a lot harder to discover through traditional research.

Work and pleasure mix — they just do

Everybody forwards work emails to their personal email address. Don’t lie. (Sorry for the ambivalence on that one.) It’s just too convenient. It’s too easy. With very rare exception, companies encourage employees to bring work home, to bring their own devices, and yes, even their own email addresses to the job. It saves money and gains them productivity. This problem is most clear in the BYOD world, where your iPhone basically becomes company property once you start reading emails on it.

Companies that don’t want their secure information finding its way onto AOL email have to invest in serious technology to forbid it. They also have to let workers leave their work at work. No personal laptops. No quick logging in from home. No, “Oh my work phone is dead, I’ll just use my personal phone this one time.” Until companies are willing to make that investment, things like this will happen. Even to the CIA director.

Those @#$%^& attachments

They are the source of so much trouble. Attachments are the main delivery mechanism for virus attacks that infiltrate companies. Spear phishing emails with fake resumes or spreadsheets lead to corporate espionage. And yes, it’s easy to forward a spreadsheet of Social Security numbers from some HR database to a web-based email account. And then, holy heck can break out. If you are CIA director, you end up being the lead story on the “NBC Nightly News.” If you work in human resources, something much worse can happen — you could lose your job.

The lesson? Treat attachments like fire. Or maybe like firecrackers. They can be useful, but it is very dangerous to play with fire, and they will almost certainly explode on you at some point. Use attachments sparingly, if at all.

It can happen to anyone

Here is yet another example proving that even people whose lives and careers depend on security have lapses in judgment. Really? The CIA director getting caught using an AOL account to store sensitive, if not Top Secret or Classified, information. You can be secure and make smart choices 23 hours and 59 minutes a day, but it only takes a momentary lapse of reason to make a big mistake. So consider this story, think, “There but for the grace of God go I,” and then keep your guard up.

What’s your take on the CIA director’s security breach? Share with us in comments below or on our Facebook page.

Disclosure: The information you read here is always objective. However, we sometimes receive compensation when you click links within our stories.

Read Next
7 Free Tools for Saving More Money at Amazon
7 Free Tools for Saving More Money at Amazon

Use these websites and other tools to save money — or earn extra cash — when shopping at Amazon.

Don’t Trash These 11 ‘Disposable’ Items — Reuse Them
Don’t Trash These 11 ‘Disposable’ Items — Reuse Them

Are you throwing away money? Consider giving these things a new purpose.

10 Items Every First-Aid Kit Should Have
10 Items Every First-Aid Kit Should Have

Take control of your health and safety by customizing your own first-aid kit with these Amazon purchases.

25 Things You Should Never Buy — and What to Buy Instead
25 Things You Should Never Buy — and What to Buy Instead

If you really want to save money, become a more intentional shopper.

12 Tech Gadgets That Make Daily Life Easier
12 Tech Gadgets That Make Daily Life Easier

These products on Amazon will ease worries and simplify your routine.

View this page without ads

Help us produce more money-saving articles and videos by subscribing to a membership.

Get Started

Most Popular
9 Things You’ll Never See at Costco Again
9 Things You’ll Never See at Costco Again

The warehouse store offers an enormous selection, but these products aren’t coming back.

11 Things Retirees Should Always Buy at Costco
11 Things Retirees Should Always Buy at Costco

This leader in bulk shopping is a great place to find discounts in the fixed-income years.

Over 50? The CDC Says You Need These 4 Vaccines
Over 50? The CDC Says You Need These 4 Vaccines

Fall is the time to schedule vaccines that can keep you healthy — and even save your life.

11 Senior Discounts for Anyone Age 55 or Older
11 Senior Discounts for Anyone Age 55 or Older

There is no need to wait until you’re 65 to take advantage of so-called “senior” discounts.

11 Household Items That Go Bad — or Become Dangerous
11 Household Items That Go Bad — or Become Dangerous

When you get the impulse to stockpile these everyday items, pay close attention to their expiration dates.

8 Things You Can Get for Free at Pharmacies
8 Things You Can Get for Free at Pharmacies

In this age of higher-priced drugs and complex health care systems, a trip to the pharmacy can spark worry. Freebies sure do help.

These Are the 4 Best Medicare Advantage Plans for 2020
These Are the 4 Best Medicare Advantage Plans for 2020

Medicare Advantage customers themselves rate these plans highest.

7 Ways to Boost Your Credit Score Fast
7 Ways to Boost Your Credit Score Fast

Your financial security might soon depend upon the strength of your credit score.

The 10 Most Commonly Stolen Vehicles in America
The 10 Most Commonly Stolen Vehicles in America

A new model parks atop the list of vehicles that thieves love to pilfer.

19 High-Paying Jobs You Can Get With a 2-Year Degree
19 High-Paying Jobs You Can Get With a 2-Year Degree

These jobs pay more than the typical job in the U.S. — and no bachelor’s degree is required.

5 Ways to Get Amazon Prime for Free
5 Ways to Get Amazon Prime for Free

Hesitant to drop $119 a year on an Amazon Prime membership? Here’s how to get it for free.

10 Reasons Why You Should Actually Retire at 62
10 Reasons Why You Should Actually Retire at 62

If you can, here are several good reasons to retire earlier than we’re told to.

3 Ways to Get Microsoft Office for Free
3 Ways to Get Microsoft Office for Free

With a little ingenuity, you can cut Office costs to zero.

26 States That Do Not Tax Social Security Income
26 States That Do Not Tax Social Security Income

These states won’t tax any of your Social Security income — and in some cases, other types of retirement income.

14 Things That Are ‘Free’ With Medicare
14 Things That Are ‘Free’ With Medicare

These services could save you money and help prevent costly health problems.

5 Keys to Making Your Car Last for 200,000 Miles
5 Keys to Making Your Car Last for 200,000 Miles

Pushing your car to 200,000 miles — and beyond — can save you piles of cash. Here’s how to get there.

5 Things That Make Life More Meaningful for Retirees
5 Things That Make Life More Meaningful for Retirees

Retirees agree: These are the things that give them purpose and fulfillment in their golden years.

10 Things You Should Never Do With Bleach
10 Things You Should Never Do With Bleach

Does the pandemic have you reaching for bleach more than ever before? Learn the ins and outs of using this powerful disinfectant.

15 Amazon Purchases That We Are Loving Right Now
15 Amazon Purchases That We Are Loving Right Now

These practical products make everyday life a little easier.

View More Articles

View this page without ads

Help us produce more money-saving articles and videos by subscribing to a membership.

Get Started

Add a Comment

Our Policy: We welcome relevant and respectful comments in order to foster healthy and informative discussions. All other comments may be removed. Comments with links are automatically held for moderation.