2015 has seen a series of very disturbing trends in data theft and network security, with even the US Government being hacked by cyber criminals at home and abroad.
Recently, the IRS was breached and over 200,000 taxpayer records have been put at risk, with over 100,000 personal taxpayer records containing detailed financial information being stolen.
Worse has followed, with Chinese hackers strongly suspected of being behind the theft of over 4 million personnel records, including 1.5 million uniformed military personnel records stolen from the Office of Personnel Management.
Here are some of the major security threats and trends so far this year:
Nation State Attacks
Last year Edward Snowden revealed major snooping and data interception by the US National Security Agency and their British counterparts, GCHQ. Both of these agencies were involved in at least one hack into the Belgian telephone network operated by the nationalized telecom company, Belgacom. Traces of the malware used to perform the hack, Regin, have also led to very strong suspicions that attacks were also made upon cellular and telecom networks outside of Belgium, which would be reasonable – they are spy agencies after all!
It is not just the West, however, that is engaging in Nation State Attacks: there is exceptionally strong suspicion, and not a little evidence, that the Sony hack, which resulted in the theft and release of several major movies, was performed by the North Koreans, angered by the Seth Rogen movie, The Interview.
This demonstrates that Nation State Attacks are not necessarily mounted just against another Nation State, but are also being used for commercial advantage as well as for spying on the private sector.
If you cannot steal data, you can achieve considerable damage by simply destroying it. Referencing the Sony hack, the attack did not simply result in the theft of movies, emails and sensitive company information, but also resulted in the wholesale destruction of a lot of data. This has been a relatively rare occurrence in the United States, but similar attacks have been successfully mounted against government agencies and businesses in Iran, Saudi Arabia and South Korea. Business targets included banks and media companies, and in particular, public and private agencies operating in the oil sector.
Provided data is properly backed up, however, data destruction should not pose a serious threat to operations, even though it is very troubling that such attacks can be successfully performed.
Critical Infrastructure Breaches
Stuxnet is a “worm” which was launched against the Iranian nuclear program and successfully sabotaged their uranium enrichment facility. So far, US critical infrastructure has not been harmed, to our knowledge, but the time is fast approaching when the country is likely to suffer a critical infrastructure attack. The reason for this thinking is that back in 2012, Telvent was used to gain access to a manufacturer of electrical grid control systems; the intrusion included not only gaining access to the underlying software, but also the provision of full administrator rights when it was deployed at customer locations.
Emerging threats and hacks will continue to escalate, and at a faster pace than ever before. Safeguarding network infrastructure is fast becoming a highly specialized skill, and data and applications are no longer the only motivation for raiding a network, whether in government or in the private sector.
Jensen Carlyle is a technology writer and is currently working on reviewing security threats for Swift Systems.