Following news last week that Intel has suffered a breach in which hackers obtained financially sensitive information that forced the company to release earnings early, please find comment below from cybersecurity experts.
<p>Financial information, especially sensitive information that may directly be linked to share prices, will always be an enticing target for hackers. The most likely goal is to make a quick profit by selling information to investors or to use the information for their own benefit.</p> <p> </p> <p>Both the information that is leaked and the breach itself may have a direct impact on a company’s share price. This can be used to an adversary’s advantage by either investing with prior insider knowledge or by leveraging a sudden drop in share-prices caused by disclosure of the breach.</p>
<p>While financially sensitive information like a finance report doesn’t seem as valuable as a database full of credit card details or personal identifiable information, it’s a fact that it might be beneficial for attackers. Sometimes attackers execute a plan and for very specific databases and repositories, other times they are exploiting a vulnerability and grab whatever they find that looks valuable. In some cases, they fail to execute their plans and just grab whatever is available. While financially sensitive data might not be as valuable when selling it on the dark web, any sensitive information can be used to extort money from a company. Attackers might sell the information as insider information for trading/stock exchange – where it can be highly valuable. Until a breach is completely analyzed by forensic experts, you can’t be sure if or what data is affected – this is true for your whole network and also your partners. Looking at recent breaches, protecting sensitive information with a data-centric approach has become far more important than preventing breaches with classic perimeter defense.</p>
<p>This incident is a stark reminder of the impact a cyber-attack can have on a business. Intel should be commended for reporting the incident promptly and bringing forward its earning announcement – failing to do so could potentially have been damaging to both stock value and shareholder confidence. The response to an incident is essential. It\’s not just knowing that a breach has occurred, it\’s also about knowing what to do about it to minimise its impact. Strong incident response practices are therefore crucial and, as highlighted in the Intel case, not only about technical remediation but also about appropriate communications. </p> <p><br />Intel has seemingly avoided any legal, financial, reputational, and regulatory consequences that might have ensued as a result of its earnings being in the public domain by detecting the breach early and responding effectively to minimise the value of the sensitive information in the hands of illicit actors. In their efforts to shield financially sensitive information in the run-up to future earnings announcements, adopting a layered approach to security should be a key priority. This approach includes people, processes, and enabling technologies to reduce the risk, minimise the impact of a breach should one occur, and demonstrate diligence and best practice to shareholders, employees, and governing and regulatory bodies.</p>
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics