The scandal involving the security risk to U.S. State Department e-mails is just the latest in a long list of news items that are bringing the potential dangers of cyber-hacking into focus.
But of course, we’ve seen it before — and it involves far more than just “potential” risk. From Target, Best Buy and other retailers to Ashley Madison customer profiles, IRS taxpayer information and the U.S. government’s personnel records, the drumbeat of cyber-security threats that have turned out to be all too real is persistent and ongoing.
In the realm of marketing and public relations, recent breaches of PR Newswire and Business Wire data gave hackers access to pre-release earnings and financial reports that have been used to enrich nefarious insider traders around the world to the tune of $100 million or more in ill-gotten gains.
These and other events are occurring so regularly, it seems that people have become numb to them. Every time one of these news items breaks, instead of sparking outrage, it’s a yawner.
But Jane LeClair, COO of the National Cybersecurity Institute at Excelsior College, is pleading for an organized effort to thwart the continuing efforts — one of which could end up being the dreaded “Cyber Pearl Harbor” that she and other experts have warned us about for years.
“We certainly can’t go on this way — waiting for the next biggest shoe to drop when hundreds of millions — perhaps billions — will be looted from institutions … It’s time we stopped making individual efforts to build cyber defenses and started making a collective effort to defeat … the bad actors that have kept us at their mercy,” LeClair contends.
I think that’s easier said than done.
Just considering what happened with the newswire services is enough to raise a whole bevy of questions:
- Financial reports awaiting public release were stored on the newswires’ servers … but what precautions were taken to protect the data?
- How well was the data encrypted?
- What was the firewall protection? Software protection?
- What sort of intrusion detection software was installed?
- Who at the newswire services had access to the data?
- Were the principles of “least privilege access” utilized?
- How robust were the password provisions?
In the case of the newswire services, the bottom-line explanation appears to be that human error caused the breaches to happen. The attackers used social engineering techniques to “bluff” their way into the systems.
Mining innocuous data from social media sites enabled the attackers to leverage their way into the system … and then use brute force software to figure out passwords.
Once armed with the passwords, it was then easy to navigate the servers, investigating e-mails and collecting the relevant data. The resulting insider trading transactions, made before the financial news hit the streets, vacuumed up millions of dollars for the perpetrators.
Now the newswire services are stuck with the unenviable task of attempting to “reverse engineer” what was done — to figure out exactly how the systems were infiltrated, what data was taken, and whether malicious computer code was embedded to facilitate future breaches.
Of course, those actions seem a bit like closing the barn door after the cows have left.
I, for one, don’t have solutions to the hacking problem. We can only have faith in the experts inside and outside the government for determining those answers and acting on them.
But considering what’s transpired in the past few months and years, that isn’t a particularly reassuring thought.
Would anyone else care to weigh in on this topic and on effective approaches to face it head-on?