Among numerous other revelations, the big DNC email hack has revealed an organization lacking even basic password security.
Staffers actually used Obama-Biden-2012 and obamain08 as email passwords. It doesn’t take much actual hacking to get into accounts with such passwords, as TechInsider pointed out, there are several off-the-shelf programs that would guess these in under a minute.
An exchange of emails from DNC staffer Pablo Manriquez revealed the DNC’s stunning lack of cyber wherewithal.
Manriquez apologizes for a delay in sending something out over the press email, explaining that, “I cannot login to [email protected]<mailto:[email protected]> with either of the passwords I have on file for the account (Obama-Biden-2012 and obamain08).”
Perhaps these passwords had been changed, but if they were anything remotely close to the above, they were no good.
According to security experts, at least 10 characters and contain symbols and differing capitalization. Boston University’s Information Services and Technology Research group says not to choose names from popular culture and not to use phrases or names without a mixture of lower case and upper case letters.
The group from Boston University explain that if you only use words from a dictionary or a purely numeric password, a hacker only has to try a limited list of possibilities which can be run through by a program in under one minute.
At least two different hacker(s) that have been linked with the Russian government had access into the networks of the DNC for a year, with the ability to read emails, chats, and documents that were downloaded on its computers. CrowdStrike, a company hired to investigate the breach on the DNC, said groups codenamed Fancy Bear and Cozy Bear were behind the infiltrations.
In the ultimate irony, the leaked DNC emails revealed that in May, a DNC staffer mocked a report that the DNC cybersecurity was ‘horrible’ stating that the article was the “dumbest thing I’ve ever read.”
Fallout continues as the DNC chairwoman has been forced to resign following the hacked emails and right before its convention in Philadelphia.
Send Tips to [email protected].
Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact licen[email protected].