2021-11-19

Little is known so far, but the Federal Bureau of Investigation (FBI) was breached a few days ago in one of its systems. On November 12, someone gained access by abusing insecure code on an FBI website used to share information with local and federal authorities in the United States. From that system the attacker was able to send thousands of emails with a false alert about a cyber attack; it seems the attacker only wanted to air a rivalry with a cybersecurity specialist.

The FBI released a statement, which it has been updating, explaining that the affected hardware has been taken out of its infrastructure and that an investigation is under way. In other words, what any organization would do as part of its crisis plan.

As soon as the news spread, some people on social media asked: “If that happened to the FBI, what is in store for us?”

To put it in perspective: this was a system with a vulnerability that allowed mass mailing, and it was probably not considered critical. It was exploited by someone who made their intentions known quickly; attackers often remain inside an infrastructure for months without anyone noticing. That was not the case here.

The FBI got off lightly; it could have been worse: access to all the email of local and federal agencies, or an email that was not a “joke” but something that could have harmed others.

As I have done several times with this column, what can we learn from this for our organization?

Email is no longer a simple communication system; today it holds a great deal of information, not only about the company but also personal. It may contain an attachment that, in someone else’s hands, can harm the organization and ourselves.

Still, many companies do not protect email or think about the risk that comes with it. They do not understand that this system can be the door to many others: access to a mailbox allows an attacker to reset passwords for other systems, and the same username and password are often reused on other platforms.

It is clear that newer threats such as the “CEO scam” or “Business Email Compromise (BEC)” seek to profit from a platform that is not treated as a primary one within the organization.

It is enough to think about what is inside our mailboxes to start worrying, especially when someone asks questions such as: is there personal data inside the company’s mailboxes?

Those emails containing customer or employee data could put us in breach of personal data protection laws.

There are many ways to protect yourself, but those options are rarely adopted. In many cases, cost is what gets prioritized.

In recent months, I have handled many cybersecurity incidents that started with email: an attachment, an email impersonating a senior official, an email impersonating a supplier or a technology partner. All could have been avoided with a couple of controls and settings.

Now is a very good time to ask the technical teams about the protection status of the email servers and how we defend against these risks. Enable measures as simple as two-factor authentication and tools that prevent someone from impersonating our identity by email.

It is also time to think about what information sits in our mailboxes and whether it is necessary to keep all of it. As we have said before, the more you keep, the more you have to protect.

If it happened to the FBI, it can happen to your organization too.

