Regardless of their politics, the recent news of the DNC server hack, allegedly by Russian-government-backed hackers, should have security teams pulling their hair out. Why? Because the first phase of the attack used one of the oldest tricks in the book -- a phishing email attack, leveraging a copycat domain.
"For example, the first group, APT 28, often uses the same tactic: registering a domain whose name is similar to that of its target, to trick users into disclosing their passwords when logging into the wrong site. In this case, hackers set up misdepatrment.com — switching two letters — to target users of MIS Department, which manages networks for the Democratic committee." NY TImes, July 27, 2016
It should be no surprise to learn that almost every devastating cyber breach, from Target to the DNC, starts with the same exploit: