A cyber attack can be devastating just in terms of the harm that it causes your reputation, as was quite clear from the recent breach of CIA Director John Brennan’s email account. The hacker apparently called AOL, Brennan’s email provider, and presented himself as a Verizon employee (AOL had been bought by Verizon in June). In this way, the hacker managed to obtain Brennan’s credit card information, which made it possible to reset Brennan’s email password. From that point on, the door was open to many types of intrusions, which could include targeted attacks using the names of Brennan’s contacts, financial attacks through his credit card information, and identity theft. Furthermore, it is likely that the hacker can now reset Brennan’s passwords for accounts and applications (such as iTunes, Gmail, and bank accounts) that use his AOL email address as a backup for a forgotten password.
At the end of the day, while securing one’s network with the latest innovations in cybersecurity is of utmost importance, large companies like AOL have an obligation to train their employees in cybersecurity and must strive to constantly strengthen the weakest link in the chain – the human factor.