White House breach: Cyber thought leaders speak out

Cyber magazine speaks to two industry thought leaders from Delinea and Efficeint iP on the recent tech executive breach at the White House

A tech executive “exploited” his access to computer data at the White House to find “derogatory information” about President Donald Trump, a special counsel appointed during the Trump administration has said in a court filing. 

According to a report on NBC News, the employee used his access to domain name system, or DNS, data to compile information about which computers and servers the White House servers were communicating with.

Industry thought leaders speak to Cyber magazine about the breach.

Delinea comment 

Joseph Carson, Chief Security Scientist at Delinea says: “The recent news that a tech executive abused their access freedom to identify which internet servers Trump’s White House computers had been communicating with is an extreme abuse of authorised access that raises the importance of insider risks. 

"Governments must ensure appropriate security controls are in place to reduce the risks of insider threats, as well as ensure that employees understand that when access is abused, they will not be able to hide their tracks. 

"A way of reducing insider risks is to ensure that employees are fully aware privileged access auditing is in place. This would act as a deterrent, so that employees will not even attempt to risk their career or legal actions.   

"The critical importance of privileged access to such data such as DNS records should be protected, and all access should be audited so that non-repudiation is maintained. This is kind of ironic, as the government know very well that metadata is extremely powerful: having a map of which internet servers and websites are being accessed can reveal sensitive information about what could be discussed, what is being planned and top government priorities, even without knowing the content of the communication itself.”

Efficient iP comment

Ronan David, Chief of Strategy at EfficientIP says: "The announcement by the special counsel that a tech executive was using DNS data to compile information about which computers and servers were communicating with the White House servers, highlights an increasing problem we are seeing within organisations when it comes to DNS security. 

"From its design, DNS is an open service, with virtually all internal network traffic travelling through it. The DNS is the phonebook of the enterprise network, translating the name of an application to an IP address, enabling a user to reach it. Therefore, the DNS is a goldmine of information for cybercriminals to learn about a certain network and application in order to develop their attacks. 

"Threat actors know the critical role DNS can play in the cybersecurity kill chain, and it therefore becomes a priority target. For example, IDC’s survey in 2021 unveiled that 87% of organisations experienced one or more DNS attacks and more than 26% of them had sensitive information stolen.  

"Unfortunately, this discovery by the special counsel could potentially lead to further attacks on the White House’s DNS. Once cyber criminals know an aspect of an organisation’s network is vulnerable, they are more likely to target it. Organisations must therefore be realistic and pragmatic if they want to properly protect users, data and applications. DNS security is a must-have in any modern arsenal of defence against cybersecurity threats. 

"Organisations should deploy purpose-built DNS security systems. Standard solutions such as next-gen firewalls have been proven to not be sufficient enough to protect an organisation’s systems. The technology and solutions chosen by organisations need to enable application access control at the user level in order to reduce the attack surface and block the lateral movement of the malware.  

"Real-time analytics of DNS traffic is another fundamental aspect of security in order to overcome the limitation of signature-based systems and offer behavioural threat detection. Organisations, including the White House, that fail to take the threat of DNS security seriously will see it become the route of all their cybersecurity problems.” 


Featured Articles

UK Takes Steps to Strengthen Country's Cyber Security

The new government have made cybersecurity one of their top priorities as they lay out their plans for what they intend to do in power

BlueVoyant Launch Platform to Tackle Supplier Attack Surface

BlueVoyant has unveiled a new Cyber Defense Platform which aims to tackle the growing attack surface introduced by the ecosphere of third-party vendors

Irdeto’s Andrew Bunten Talks Securing Online Content Streams

With online streaming services being bigger than ever, Irdeto’s Andrew Bunten explains how they manage to keep streams safe despite the huge attack surface

Fortinet Cyber Survey Shows Global Scope of Skills Gap

Operational Security

What ChatGPT Passing an Ethical Hacking Exam Means for Cyber

Technology & AI

Learn How CTEM can Upskill Your Cyber Strategy

Network Security