Phishing is low-tech, but also difficult to prevent. All you need is one person to fall for a well-written scam email and you can start to get acces
You would think that people at that level of government or that involved in politics would know better, right?
I mean it is Cyber Security 101
Yes and no. Having worked in the government, you’d be amazed at the shear volume of attacks. Most of them get filtered by IT before they get to people’s email accounts, but about one a week made it through, and the ones that did were very well-written, directed specifically to agency employees. In a 1000 person organization, I’m sure they got some hits. I’ll hope our IT staff had ways to figure out who was compromised quickly, and I do know of people who were taken off sensitive projects because they fell for an attack, but the reason phishing is so prevalent is that it largely succeeds based on sheer willpower.
The DNC’s error was hubris, in thinking they could handle it themselves, and not seeking assistance immediately. Also, hubris in general.