U.S. officials believe Chinese hackers have stolen personal information from over 4 million current and former federal employees in the biggest breach ever of government computer networks. The Office of Personnel Management is urging victims to pull credit reports and monitor their statements to look for red flags or identity theft.
The US used a new system called Einstein, which was able to track the attacks and pinpoint cyberthreats that led to this compromise of government security. More info here: http://www.cnn.com/2015/06/04/politics/federal-agency-hacked-personnel-management/index.html
Every Major Corporation is at Risk
According to ex-NSA director Mike McConnell, the Chinese have over 100,000 hackers on their payroll and have enlisted their talents to steal valuable assets from every major US corporation. They do this using carefully crafted malware that spies use to extract information from top corporations and businesses worldwide.
Recently five Chinese hackers were found to have stolen secret specifications for power plants at Westinghouse, swiped financial information from SolarWorld, gained physical access via malware at US Steel, and more. http://money.cnn.com/2014/05/19/technology/security/china-hackers/?iid=EL
Cisco, using its ubiquitous TALOS command center, has found similar results. By tracking traffic from its security-enabled appliances, it was able to assume that over 85% of businesses have malware or other insecurities that go unchecked.
China is not the only threat
Multiple attacks against the Department of Defense point to Russian hackers, and threats abound from many other countries including Korea and Iran.
One of the biggest threats affecting businesses comes from organized crime, through a zombie army of computers referred to as a “botnet”. These bots gain access to a network through a Trojan horse program and are able to speak to outside computer networks through ports that have been left open. Some of these threats are engineered to ascertain user/password data, employee records and financial information, and other data that can provide financial gain. Some systems can also be leveraged to take down important corporate resources through a Denial of Service attack. This may help to destabilize competitors and create an advantage for companies that are not affected by such attacks. In 2006, Symantec Internet Security reported that over 5 million computers were active botnet computers. However, that figure is probably much higher today. Many of those computers are probably sitting at companies worldwide, unknowingly harboring botnet services for this new breed of organized crime bosses.
Raising Corporate Security and Awareness is Critical
Everyday threats from malware attacks, Trojan infiltration, Denial of Service, Cryptolocker-like ransomware threats, and botnet attacks are real. They are here today and they are growing in power and threat surface. Companies big and small need to enhance their security stance immediately to not only protect their businesses and client information, but also to secure employee-related information.
Large-scale breaches at Sony, Target and Home Depot are just the tip of the iceberg in terms of who has been affected by these security hacks. Cryptolocker alone claimed the data at over 500,000 businesses of all sizes. Variants of Cryptolocker like CryptoWall and others have claimed hundreds of thousands of business networks worldwide as well. And, yet, there are millions of networks being infiltrated by Trojans and malware of all shapes and sizes each year.
The threat to normal businesses is loss of data, loss of services to internal assets, lower customer responsiveness, and potential for bad press. Employee data may help identity thieves attack employees or be used to steal high-quality talent away from your business. Corporate data could be plastered out on the internet, causing embarrassment and potential for lawsuits and other actions. It could also be sold to competitors who may use data to contact your best customers and steal your business. Corporate secrets could uncover projections and reports that could eliminate your edge over competitors.
Start with Edge Security, and Work your way to the Core
If you have a firewall that is more than 6 months old, you may be running old, outdated technology already. Cisco released new versions of their next generation firewall only 2 months ago. These new devices have the ability to stop botnet attacks. They have options that allow you to provide intrusion detection and malware defense. The TALOS defense network is always updating security and awareness to curb new threats as they are uncovered. Email filter solutions can also stop viruses as they are sent into the network, and can inspect links to external websites that may contain disastrous payloads.
Cisco is well aware of the growing threat of new zero-day outbreaks and has taken security a step further. They know that stopping threats is only the start of a good defense. Identifying threats as they infiltrate the network, DURING and AFTER the attack, is a critical component that is often left unsatisfied by older firewalls. Cisco’s continuous threat analysis identifies new threats and keeps track of items that have passed through the system, alerting IT of threats as information about these threats becomes known. Antimalware software can be installed on the client machines, giving IT managers Retrospective Security Awareness and the ability to identify affected machines after a successful infiltration of the defenses. This lets IT mitigate issues before they can spread and become long-standing vulnerabilities.
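A minimal sketch of the retrospective check described above, added here as an illustration; it is not Cisco's code and uses no Cisco API. The log fields, host names and shortened hashes are constructed placeholders, and the function names are hypothetical.

```python
from datetime import datetime

# Constructed record of files that passed through the gateway or endpoints,
# with the verdict given at the time. Hashes are placeholders, not real IoCs.
FILE_EVENTS = [
    {"ts": "2015-06-01T09:12:00", "host": "ws-014", "user": "alice", "sha256": "aaaa01", "verdict": "unknown"},
    {"ts": "2015-06-01T09:40:00", "host": "ws-022", "user": "bob", "sha256": "bbbb02", "verdict": "clean"},
    {"ts": "2015-06-02T14:03:00", "host": "ws-031", "user": "carol", "sha256": "aaaa01", "verdict": "unknown"},
    {"ts": "2015-06-03T08:55:00", "host": "ws-014", "user": "alice", "sha256": "cccc03", "verdict": "clean"},
    {"ts": "2015-06-03T11:20:00", "host": "fs-002", "user": "svc-backup", "sha256": "aaaa01", "verdict": "unknown"},
    {"ts": "2015-06-04T16:45:00", "host": "ws-031", "user": "carol", "sha256": "aaaa01", "verdict": "unknown"},
]

# Constructed intelligence update that only becomes available days later.
INTEL_UPDATE = {"published": "2015-06-05T00:00:00", "malicious": {"aaaa01", "cccc03", "dddd04"}}


def retrospective_hits(events, intel):
    """Map each newly convicted hash to the hosts that already received it,
    in order of first sighting, regardless of the verdict given back then."""
    published = datetime.fromisoformat(intel["published"])
    hits = {}
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["sha256"] not in intel["malicious"]:
            continue
        if datetime.fromisoformat(ev["ts"]) >= published:
            continue  # seen after the update: normal inline blocking covers it
        per_host = hits.setdefault(ev["sha256"], {})
        # setdefault keeps only the earliest sighting for each host
        per_host.setdefault(ev["host"], {"first_seen": ev["ts"], "user": ev["user"],
                                         "verdict_then": ev["verdict"]})
    return hits


def hosts_to_isolate(hits):
    """Flatten the hits into the sorted set of machines IT needs to examine."""
    return sorted({host for per_host in hits.values() for host in per_host})


if __name__ == "__main__":
    found = retrospective_hits(FILE_EVENTS, INTEL_UPDATE)
    for sha, per_host in found.items():
        first_host = next(iter(per_host))
        print(f"{sha}: first seen on {first_host}, {len(per_host)} host(s) affected")
        for host, info in per_host.items():
            print(f"  {host} {info['first_seen']} user={info['user']} verdict_then={info['verdict_then']}")
    print("isolate:", ", ".join(hosts_to_isolate(found)))
```

The order of first sightings per hash gives the likely entry point and spread path, which is the information a block-at-the-edge-only firewall never records.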
Beyond the technology, companies are looking to educate employees and create policies that can help protect the company from the inside. Security is a mindset that must be addressed at the core of the company – from its core employees, not just on the edge. The information from systems such as FireSight lets network security technicians know which users are most affected by attacks, allowing them to monitor user browsing activity and identify soft spots in security or user education.