On May 16th, 2017, DocuSign, an electronic signature service with over 200 million users in 188 different countries, joined the growing list of companies that have experienced cyber-attacks within the last few months. A third party hacked into their system, sent emails which appeared to be from DocuSign and contained a malicious file, then gained access to possibly 100 million account holder emails. Upon discovering the phishing scam, DocuSign instructed anyone who received the email to delete it immediately. Luckily, according to DocuSign, “no content or any customer documents sent through DocuSign’s eSignature system was accessed; and DocuSign’s core eSignature service, envelopes and customer documents and data remain secure.”
In response to the DocuSign hack, RainKing Analytics reached out to IT decision makers from companies that use DocuSign to see how their organizations are reacting to the attack. The participants (147 in total, 95 of whom directly use DocuSign) are from the United States and Canada.
Much like the response to the WannaCry Ransomware attack and the Google Docs Phishing scam, 35% of participants indicated that their companies plan to invest in security training for employees in response to the DocuSign hack. Only 5% of participants intend to purchase alternate electronic signature technology and Digital Transaction Management solutions. Just 3% of participants indicated their organization will invest in redundant databases to protect proprietary information.
RainKing Analytics wanted to know how much proprietary information is shared by the large multi-national enterprises, business departments, individual professionals, and consumers who use DocuSign. On average, we found that 30% of the information shared is proprietary. However, 12% of participants reported that between 80% and 100% of the information shared is proprietary. This makes the attack even more concerning, as the information shared is often extremely sensitive.
Despite this attack, participants have not lost trust in their own company’s ability to keep information safe from future attacks. When asked “how confident are you that your organization understands how to keep its own systems from being vulnerable,” 51% indicated that they were still somewhat confident in their own security, and 41% indicated that they were extremely confident.
RainKing Analytics also wanted to know how this hack and other recent attacks have affected policies related to the use of personal devices on the company network. We found that there has been an impact in this area, with 56% of participants saying that policies have been affected. This information indicates that we may see increased investment in mobile device management, multifactor authentication, and network segmentation within these companies.
Security threat assessment, which monitors for malicious attacks, is a necessary part of keeping information secure. Therefore, RainKing Analytics asked how often assessments were being performed within these companies. 59% perform assessments weekly, which suggests they have a handle on staying informed about company security. However, 28% perform assessments monthly, and 11% perform them quarterly. Unfortunately, with the increase in security threats, monthly and quarterly assessments are probably not frequent enough. This could lead to attacks going unnoticed, leaving vulnerabilities within these companies.
RainKing Analytics believes that the impact of the attack will certainly lead to investment in security training for employees and changes to bring-your-own-device (BYOD) policies. It may also lead to a need for more effective security measures to prevent these attacks, as well as more frequent security assessments within organizations. Although employees remain fairly confident in their company’s security, no company is 100% impervious to cyber-attacks. Unfortunately, hacking, phishing scams, and ransomware attacks don’t appear to be slowing down any time soon.
Data and analysis by RainKing Analytics, written by Dorie Phillips