ABC News reported on Thursday, July 9th, that the four month investigation into two hacks on the Office of Personnel Management (OPM) revealed, “more than 22 million people inside and outside government likely had their personal information stolen,” and that, “hackers allegedly rummaged through various OPM databases for more than a year.”
In the digital world, what you don’t know can hurt you
Joe Caruso, founder and CEO/CTO of Global Digital Forensics (GDF), a premier national provider of cyber security solutions and digital forensics services headquartered in New York City, has led emergency response teams for clients for many real-world data breach emergencies, and has no doubt it was not any kind of quick in and out attack. “Mega-breaches like this don’t happen quickly, and they aren’t easily discovered. Advanced malware threats hide on infected systems for a long time, and if you couple that with the fact that numerous cyber attacks like these are going unreported because many victims still have no idea that attackers already have, and may have had for a long time, a presence on their network, and the scope of the problem can be mind-boggling. These OPM breaches alone have affected roughly 15% of the US population, just let that sink in.”
Fully protected? Not a chance
“You would be hard pressed to find any company today without firewalls, virus scanners and a host of security measures implemented,” says Caruso. “Still malware gets through. First because these types of solutions can’t account for the biggest weakness in any organization, the human element, and their susceptibility to social engineering ploys like phishing and spear phishing attacks, or compromised vendors being used as a springboard for attacks by using their valid credentials against another target. And secondly, because typical antivirus and anti-malware solutions rely on signatures of known threats in order to detect, identify and remove them. But if a threat is unknown. Like a Zero Day exploit, or advanced enough to hide from security programs by disabling or fooling them by changing its “signature,” it simply isn’t detected, allowing it to remain hidden and function destructively for years at a time in many cases. Spyware, RATs (Remote Access Trojans), rootkits, polymorphic viruses, they can all be sitting right there on the system waiting for the attackers to use them to do what they do, out of sight, and out of mind.”
Regularity is key
“The main ingredients for success when it comes to enhancing an organization’s cyber security posture are commitment and regularity,” says Caruso. “Every company relying on the digital world in any form or fashion has to understand it’s not a choice today, it’s a necessity, and they have to be committed to making a stand and following through with it. They have to understand what they are vulnerable to, which can be very unique company to company, and they have to know what their weaknesses are. And it’s not a one shot deal, the process has to be repeated regularly to make sure the organization’s cyber security posture evolves with the cyber threat landscape. That’s why we always recommend combining our professional vulnerability assessments with our comprehensive penetration testing services, and since the human element in any security chain is typically the weakest link, that’s why we also put such strong focus on social engineering throughout. And since we have the real-world experience and an extensive, proven background covering a wide array of clients, we can typically flat-rate proposals to take the guess work out of the process. We also try our best to promote regularity by offering even further discounts when organizations sign up with us for bi-annual, or quarterly assessments and testing. The added advantage to that is we will find and eradicate any malware or intrusion that may have come into existence between cycles, and with many intrusions today often lasting months or even years, it’s much better to spot it and fix it sooner rather than later, not to mention far and away less costly to the organization in the end.”
*Global Digital Forensics is a recognized industry leader in the fields of computer forensics, electronic discovery (eDiscovery), cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a plan which will meet your unique needs. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber incident has occurred, so don’t hesitate to get help. For more information, visit our cyber security page.