The Equifax data breach in which millions of Americans had their personal details stolen may have been carried out by a foreign government in a bid to recruit U.S. spies, experts believe.
Off the back of this, please see comments from Terry Ray, senior vice president and Imperva fellow who talks about how this is a sign of the growing trend of global cyberwarfare.
BBC News – Russia considers 'unplugging' from internethttps://t.co/nalJsx9r87 #CyberWarfare #cybersecurity
— Mark J. Drenth (@infonyourmark) February 12, 2019
Terry Ray, Senior Vice President at Imperva:
“The way I see it, the fact that the stolen Equifax data hasn’t appeared in 18 months is no “great mystery” at all – it’s just a likely confirmation that the attacker was a nation-state, which aligns with the current trend in global cyberwarfare. These sophisticated state-sponsored hacker armies are no longer just focusing on attacking government agencies and other traditional targets, but also civilian enterprises and civilian data, largely in an attempt to sow discord and confusion. About three years ago, the U.S. Department of Defense issued a warning that foreign nation-state hackers were targeting not only government contractors with advanced persistent threats (APTs), but also academic institutions. The FBI reportedly issued a similar warning on the same day, indicating that Chinese hackers were equally interested in compromising sensitive data held by commercial enterprises in the U.S.
It’s no surprise this trend has continued. After all, nation-state hackers aren’t going after the private sector in the absence of anything better to do. They’re doing it because their efforts can pay off big dividends in the long run when it nets them secret and useful economic, military and national-security information down the road.
In order to ensure protection, organisations need to be far more informed about their data – and not just the data they perceive as top priority. They have to rely on more than their internal priorities alone because so many other perspectives and variables are at play. The only thing they can do, then, is to watch their data. All of it.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.