Global Hackers are having a field day
In September 2017, Equifax, the US credit monitoring agency, admitted that the personal data of 143 million US customers were stolen in a massive hack back in May 2017, and revealed that the company had also been the victim of an earlier breach in March 2017. Last week Deloitte was hit by a cyber-attack that exposed clients’ confidential emails, with the hackers obtaining details of the top accountancy firm’s blue-chip clients.
Another day, another data breach disclosure. Almost daily we are informed of major companies and cybersecurity systems that have fallen victim to a massive security breach. Recently Deloitte, one of the global auditing firms, was also the victim of a cyber-attack that apparently went unnoticed for months.
Cyber risk is a business risk, not a technology or security issue
Deloitte, one of the largest firms in the US, reported $37bn (£27.3bn) in revenue last year and provides auditing, tax consultancy and cybersecurity advice to banks, multinational companies and government agencies. The targeted and sophisticated hack compromised the confidential emails and plans of some of its blue-chip clients.
The largest hack so far was at Yahoo; the internet company disclosed that the total number of accounts compromised in the August 2013 data breach was a record-breaking 3 billion.
In Deloitte's case, the hackers were able to compromise the global e-mail server through an “administrator’s account” that, according to media reports, gave them privileged and unrestricted “access to all areas”. The account was protected by only a single password, without even basic two-step verification. The hackers therefore also had possible access to usernames, passwords, IP addresses, architectural diagrams for businesses and health information. As is usually the case, the emails also carried attachments with sensitive security, design and other confidential details.
Reverse-engineering after the attack is not foolproof
When a significant hack occurs, there is always an internal inquiry into how it happened, and the inquiry often gets a codename (Windham, in Deloitte's case). The investigation brings in experts to map out exactly where the hackers went in the IT and data systems, by analysing the electronic trail of the searches they ran to obtain confidential data, and to establish where the hack originated.
The next step is to identify, review and analyse the documents that may have been compromised, and to establish whether a lone wolf, business rivals or state-sponsored hackers were responsible for the hack.
The inquiry then goes through a forensics exercise to find out whether the hackers failed to cover their tracks, and to see where they went and what they compromised by replaying their queries.
The hacked company's cybersecurity response is based on the findings of the inquiry and a detailed review, carried out by mobilising a team of cybersecurity and confidentiality experts from inside and outside the company. Companies then take steps to avoid future hacks (read: prevent similar hacks) by securing and restricting ‘cloud’ access and implementing a comprehensive security protocol.
As an aftermath exercise, the review helps the company understand what information was at risk, determine what the hacker did with the data and the related risk impacts, and demonstrate, through a business continuity exercise, the extent of the disruption and the ability to continue serving clients or consumers.
Fast-paced innovation gives companies a strategic advantage, but it also exposes businesses to potential cyber-attack. In 2012, Deloitte, a global operator, was ranked the best cybersecurity consultant in the world.
Since all major companies are targeted by hackers, the breach is a profound embarrassment, given the dire consequences of the risks posed by sophisticated cybersecurity attacks.
Therefore, at the 11th annual GRC and IT Security Summit, we have dedicated an entire afternoon to cybersecurity issues with global experts: JP Rangaswami, Chief Data Officer, Deutsche Bank; Hans Henrik Aa Berthing, CPA, CRISC, CGEIT, CISA, CIA, Verifica; Chris Johnson, HSBC Securities Services; Jiri Kram, CEO, The Silicon Wharf; Perla Caston, Security Consultant, IBM. Register today: http://www.grcassembly.com/register.htm