How Podesta became a cybersecurity poster child

October 21, 2016

When John Podesta forgot his Apple iCloud password last spring, he asked an aide to remind him — so she emailed it to him. And that set the stage for trouble for Hillary Clinton’s campaign chairman.

First, a WikiLeaks dump last week of Podesta’s alleged Gmail messages revealed the password — “Runner4567″ — to the world. Then someone hijacked Podesta’s Twitter account, possibly using the same password, and blasted out the tweet: “I’ve switched teams. Vote Trump 2015.” The next morning, a security researcher found evidence that digital pranksters had used the password to remotely erase all the contents from Podesta’s Apple devices.

The cascade of woes, which Clinton’s campaign has not confirmed, appears to make Podesta just the latest Washington power player to join an inglorious club — the roster of senior government officials and political operatives who, like tens of millions of other Americans, have failed to take basic protections for their sensitive data. Others in the elite group include Director of National Intelligence James Clapper, CIA Director John Brennan and 2012 Republican presidential nominee Mitt Romney, whose personal emails have all suffered assault from digital intruders.

Podesta’s saga is both an object lesson and a warning that D.C. needs to up its cyber game, security experts said.

“This one has it all,” said Joe Siegrist, CEO of the password-management company LastPass, which offers people an encrypted app to house their login credentials. “An absolutely terrible password. Assistants emailing the password. Passwords being re-used for a bunch of different sites. Pretty much all the classic mistakes that everybody who has zero care about this makes.

“When you do everything wrong, you’re bound to fail,” Siegrist added.

While ordinary Americans routinely make many of the same mistakes, some cyber experts say such weaknesses are especially damaging when they involve big players like Podesta, whose emails were targeted by hackers in what U.S. intelligence agencies allege is an attempt by Russia to meddle in the U.S. presidential election.

Read full story…