Politicians Under Cyber-attacks. Is It Possible to Prevent the Attacks and the Leak of Confidential Information?

Antoni Sikora, Head of Growth, Secfense

Various organizations - firms and offices - are being broken into more frequently than before through digital identity theft. Politicians have been affected, as well. Leaks of important and confidential data from email accounts or inappropriately secured applications are more and more frequently reported. The recent scandal concerns Poland where hackers managed to take over the email account of the Chief of the Chancellery and published the content of official correspondence. Other countries are not safe from the attacks either, as in the case of Great Britain. What is the criminals’ modus operandi? How could politicians and employees of crucial national institutions be protected against similar attacks?

As their number has been growing, the issue of cyber-attacks on email accounts of employees of crucial national and medical institutions has become a concern for almost every country. In the past 6 months, hackers obtained classified information relating to British aid projects financed by the National Security Council intended to counter terrorism and build stability overseas. In February, a breach of sensitive data was reported at Oxford University laboratories researching COVID-19.

“Hackers obtain user digital identity through phishing emails. This is why everyone and, especially, people with access to sensitive information, should use the so-called additional factor. With hundred per cent accuracy, this solution provides confirmation on user identity. Put simply, it checks whether the person behind the computer is actually the person authorized and not a hacker using a stolen password”, Tomasz Kowalski, Secfense CEO, said.

180 days for the adoption of 2FA in the US

That multi-factor authentication (MFA) is a must nowadays is underscored by the Executive Order on Improving the Nation’s Cybersecurity, issued on May 12th by the American President, which urges the implementation of 2-factor authentication (2FA) for the Federal Government within 180 days.

This type of security measure was missing in the case of Michal Dworczyk, the Polish Chief of the Chancellery, which, in June of this year, resulted in his private email account (inappropriately used for official correspondence) being hacked. The situation caused quite a stir since strategic and strictly confidential information of state importance was obtained by unauthorized individuals.

“According to the owner of the domain where the Polish politician’s account is hosted, the access to the account was gained as a result of providing correct login and password. It may be assumed that the hackers either extorted the password from the Minister’s wife or took advantage of the fact that she used the same password in other services and obtained it from one of them”, Kowalski added.

State matters on Gmail

The use of private email accounts for official business within state administration is not only a Polish flaw. According to Sky News, in 2020 alone, as many as 151 breach incidents were reported in the British Ministry of Defense as a consequence of the transfer of secret information from the government secured network to private email accounts.

“As you can see, it is difficult to discipline even the people who have access to the most confidential information. It is, therefore, imperative that we speak of the vast and comprehensive use of the so-called additional factor during the authentication in systems and applications”, Tomasz Kowalski further explains. “The second factor could be both physical keys or biometric scanners built into laptops or smartphones. It is important to secure all applications used by employees and politicians. Fortunately, today there are a number of non-invasive ways to use any method of multi-factor authentication, including cryptographic keys, that do not require changes in application codes”.

After the scandal over the leak of Minister Dworczyk’s emails, talks about the purchase of physical cryptographic keys (U2F) for the government have begun. However, whether the keys will protect all the government applications or the politicians will actually use them remains in question.

Either way, today, multi-factor authentication is considered the most effective protection against information theft, including obtaining sessions from logged-in users, phishing, and man-in-the-middle attacks. All of us and, especially, people holding state positions, should immediately stop using passwords as the only online authentication and security confirmation. It is the passwords, often weak and identical in numerous services, that are prone to easy theft, which may result in not only the owner’s stress but also in a political crisis.

What measures should politicians and officials take to protect themselves against cyberattacks?

1. Use different passwords in different services.

2. Use password management applications that enable the generation of strong passwords and their storage.

3. Implement two-factor authentication whenever and wherever possible.

4. Do not send sensitive information through private email accounts.

5. Allow automatic update of operating system and key applications. This will enable the removal of security bugs.

6. Do not react when someone asks for immediate provision of data, whether the request comes from an application, through an email demanding immediate reaction, or from a fake bank representative calling with a request for the installation of a phone application.

7. Use the Signal communicator for important messages. Signal is currently the most secure application. In contrast to WhatsApp, not only does it provide confidentiality but it also maintains privacy of all conversations, as it does not collect any connection metadata: the messages are encrypted, so the application does not know their content, and it also does not know who the participants of a conversation are.