Spate of Hacks Shows No Company is Safe

Infidelity website Ashley Madison may be the unfortunate company that grabbed the headlines for weeks this summer when its website was hacked and member details were published on the Tor network, but the prevalence of cyberattacks today means no organisation can afford to be complacent.

All data breaches can be costly and cause reputational damage, but the very nature of Ashley Madison’s business – slogan “Life is short. Have an affair” – made this case particularly embarrassing for the company’s 38 million customers. It is already said to have led to a number of divorces and, tragically, one suicide. It is also potentially ruinous to Ashley Madison itself. After all, how many married thrill-seekers will now entrust their personal details to the company after such a high-profile breach of trust?

Preliminary analysis of the leaked data revealed that almost 60,000 members have addresses in Washington DC and more than 15,000 accounts were linked to a .gov or a .mil email address, which could lead to repercussions not only at home but also in the workplace. The breach makes employees vulnerable to being blackmailed for further details that can be sold to a competitor or foreign government for considerably more than could be obtained from an individual.

Of course, Ashley Madison is not an isolated case. At around the same time it was attacked, the personal details of an estimated 18 million government employees were compromised by a cyber breach at the Office of Personnel Management (OPM) in the US. In this case the culprits are believed to have previously hacked into an OPM contractor and built their own backdoor access to the system, armed with high-level system administrator access. The theory is that these security credentials were then used to break into the OPM system.

All of this hacked information can be correlated. Taking these two examples, we have the names and job titles of security-cleared government officials, which can be matched against data from the illicit affairs website for the purposes of coercion or blackmail. And, of course, these are just the more obvious ways of using and abusing the data.

While the UK suffers more cyberattacks than any other European country and is the second most targeted nation in the world[1], cyberattacks are a worldwide problem. Already in 2015, 81% of large companies have reported a security breach, costing an average of £600,000 to £1.5 million. And the rate of data breaches shows no signs of slowing down.

In August this year the details of up to 2.4 million Carphone Warehouse customers were exposed in a security breach when hackers accessed names, addresses, dates of birth and bank details, together with encrypted credit card data for up to 90,000 customers.

As reported previously in AVAIL, breaches increasingly take the form of Distributed Denial of Service (DDoS) attacks. These employ volumetric attack techniques to cause the cyber equivalent of a traffic jam, seriously hampering an organisation’s ability to respond to customers as its outbound network quickly becomes congested. Worse still, the affected servers can be commandeered to participate in DDoS attacks on others.

All organisations, public and private, face a constant battle to stay one step ahead of hackers who continue to find new ways to compromise their systems and steal confidential data. Cyber criminals are becoming increasingly effective, only needing to send 20 emails for every successful attempt to defraud or hack their targets. They are no longer the relatively harmless geeks of yesteryear rising to a technical challenge but more often organised crime gangs motivated by the prospect of financial reward.

Some of the most successful attacks rely on exploiting employee behaviour to circumvent your organisation’s defences. A common tactic is to deliberately drop a memory stick in a company’s car park, lift or other public area. (Interestingly, pink is apparently the most effective colour to use.) Human nature being what it is, there is a strong chance one of your employees will pick it up and insert it into their PC’s USB port out of curiosity. They will inevitably click on an intriguingly named file or funny picture and, in doing so, unwittingly spread the executable code it links to throughout your network.

With the knowledge and opportunity to leave a ‘back door’ to your systems open, contractors and disgruntled or ex-employees are an organisation’s soft underbelly. Such vulnerabilities mean companies are frequently held to ransom. Mike Smith, Product Development Manager, Networks & Security for Sungard AS, cites one example of a customer he helped to prevent a DDoS attack that had been threatened if a demand for payment of 50 bitcoins (around £9,000) was not met – and this is far from a unique occurrence.

Countering the threat

So what is the solution? According to Mike Smith, “The technology is out there to minimise the majority of threats but in our experience most customers are selective about the lengths they will go to, balancing the risk against the cost of preventive measures. They look at where they will get ‘the most bang for their buck’.”

He points out, “While these days a firewall is the norm and most organisations will also protect their web servers with a web application firewall, it’s not just a question of buying a few products. Companies need to be abreast of the latest global threats, understand where their vulnerabilities lie and implement a multi-layered strategy that includes active 24-hour monitoring of their IT environment.”

Sungard Availability Services partners with carefully selected security specialists, each expert in their particular field, to offer a comprehensive range of Managed Security Services designed to improve protection from the perimeter to the core. DDoS mitigation, which can be provided to Sungard AS customers as a standalone service through monthly subscription, is among the services offered. Yet despite the growing scale of the threat, astonishingly, it has been taken up by only around 2% of Managed Services customers.

In this digital age, defending an enterprise is a far more complex and challenging task than ever before. Yet never has it been more important.


[1] Source: 2015 Internet Security Report – Symantec