Wednesday, July 15, 2020

Lessons Learned from the Most Impactful Breach in U.S. History

By Alastair Paterson, CEO and Co-Founder, Digital Shadows

While Equifax is the latest major data breach to hit the headlines, we know it will not be the last. How prepared would your organization be if it were similarly targeted?

As we all know, the impact of the Equifax breach is widespread, potentially affecting some 143 million individuals, most of them in the U.S. but also in Canada and the UK, whose personally identifiable information (PII) and, to some extent, financial information was accessed by malicious actors. The exact impact is yet to be seen and depends on the motives of the attackers and the ways in which they plan to use the data, but any exposure puts individuals at risk. We have also seen tremendous impact on the company as a result of the breach, including a dramatic drop in share price, reputational damage, and job losses for senior staff members including the CEO. There is more to come as the total cost of dealing with the breach itself mounts and the incident makes its way through the legal system.

In the midst of National Cyber Security Awareness Month and with the pain of this breach fresh in our minds, now is an appropriate time to reflect on the lessons we can learn before, during and after discovering a breach to address gaps in processes and technologies and help prevent, detect and mitigate these types of threats.

Before the breach

Equifax has said that the initial intrusion was through exploitation of a vulnerable Apache Struts web application. The flaw in question (CVE-2017-5638) had been publicly disclosed and patched by the Apache Struts project in March 2017, and multiple alerts about its active exploitation had been issued, well before the intrusion began in May. Even where a patch management program lags behind, however, implementing other basic security principles could have limited the damage.

Lessons:

  • Maintain awareness of what an attacker can see of your infrastructure, people and processes, so that you can spot potential weaknesses and points of access before they do.
  • Understand which methods attackers are using against your sector so you can proactively protect your most valuable digital assets.
  • Establish and maintain a threat intelligence program, and act on the intelligence it produces.
  • Implement and follow general cybersecurity good practice, such as defense-in-depth, including vulnerability and patch management with an accurate inventory of the software you run.
  • Protect sensitive information with encryption and network segmentation, so that compromising a single internet-facing application does not expose entire data stores.
  • Educate users on the importance of password hygiene and strong authentication requirements.
  • Go a step further: assume a breach will occur and plan for that outcome. Ensure your strategy, people and processes are in place in advance.
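Acting on a vulnerability alert starts with knowing which of your deployed systems are actually affected. The following Python script, added here as an illustration and not code from the original article or from Digital Shadows, checks a software inventory against the affected version ranges of the Struts flaw discussed above. The affected ranges (Struts 2.3.5 up to and excluding 2.3.32, and 2.5 up to and excluding 2.5.10.1) are taken from the Apache S2-045 advisory; the inventory entries, host names and application names are constructed for the example.

```python
"""Flag deployed Apache Struts 2 instances still inside the version ranges
affected by CVE-2017-5638 (S2-045), the flaw exploited at Equifax.

Added example, not code from the original article. The inventory below is
constructed; in practice it would come from a CMDB, SBOM or build metadata.
"""

# Affected ranges from the Apache S2-045 advisory:
# (inclusive lower bound, exclusive fixed version).
AFFECTED_RANGES = [
    ((2, 3, 5), (2, 3, 32)),
    ((2, 5), (2, 5, 10, 1)),
]

# Constructed sample inventory (hypothetical hosts and applications).
INVENTORY = [
    {"host": "web-01.example.internal", "app": "consumer-portal", "struts": "2.3.31"},
    {"host": "web-02.example.internal", "app": "consumer-portal", "struts": "2.3.33"},
    {"host": "api-07.example.internal", "app": "partner-api", "struts": "2.5.10"},
    {"host": "api-08.example.internal", "app": "partner-api", "struts": "2.5.13"},
]


def parse_version(text: str) -> tuple:
    """'2.3.31' -> (2, 3, 31).

    Versions are compared as integer tuples, not strings: a string compare
    would rank '2.3.9' above '2.3.31' and silently mark it as fixed.
    Non-numeric segments raise so an inventory typo fails loudly rather than
    being reported as safe.
    """
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable Struts version: {text!r}")
    return tuple(int(p) for p in parts)


def is_affected(version: str) -> bool:
    """True if the given Struts version falls inside an affected range."""
    v = parse_version(version)
    return any(lo <= v < fixed for lo, fixed in AFFECTED_RANGES)


def scan_inventory(inventory: list) -> list:
    """Return the inventory entries that still need patching, sorted by host."""
    hits = [entry for entry in inventory if is_affected(entry["struts"])]
    return sorted(hits, key=lambda entry: entry["host"])


if __name__ == "__main__":
    for entry in scan_inventory(INVENTORY):
        print(f"PATCH NOW: {entry['host']} ({entry['app']}) runs Struts {entry['struts']}")
```

A check like this is only as good as the inventory feeding it, which is the point of the lesson above: if a public-facing application is missing from the list, no amount of alert monitoring will flag it. Note also that a version below the fix is a strong indicator but not proof of exposure, since a workaround (such as replacing the vulnerable multipart parser) may have been applied; treat hits as "verify and patch", not "safe to ignore" once the version is bumped.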

After discovery

Not only did Equifax have to deal with the fallout of the breach itself, but unusual trading activity in Equifax shares has provoked suspicions of insider trading and a criminal investigation. Further, Equifax's infrastructure for handling customer inquiries proved inadequate, and some of the strategies put in place to address customer concerns in the wake of the discovery backfired.

Lessons:

  • Restrict knowledge of a breach to a need-to-know group of trusted individuals to prevent collateral damage; no matter how swiftly an organization moves, there will always be some lapse in time between discovery and disclosure.
  • Anticipate fallout and prepare for announcements by analyzing the possible consequences of each decision, to mitigate negative publicity and outcomes.
  • Closely monitor the response and arrange extra capacity in advance, both infrastructure and people, to handle the initial flood of inquiries if needed.

After public disclosure

Once a breach is disclosed, researchers and opportunistic malicious actors will look for additional weaknesses in the organization's infrastructure. After the Equifax breach, an insecure portal used to manage credit report disputes was discovered. When the news becomes public, immediate questions arise as to who was responsible, what data was compromised and how the data is being used. The answers to these questions can dictate the impact of the breach on the organization and its customers.

Lessons:

  • Communicate clearly when a breach happens, stating the knowns and unknowns publicly; speculation from media and researchers can damage reputation.
  • Look for your compromised data online to try to discern the attacker's motive, if not identity; understanding whether the motive was financial gain may help limit prolonged malicious activity. For example, knowing that financial fraud is imminent allows countermeasures to be put in place.

The Equifax breach has had a damaging impact on the company and has put its customers at risk. But it has also served as a wake-up call for organizations around the globe. Security professionals and executive management can use it as an opportunity to identify areas they can address to better prepare for and deal with a breach. In the weeks and months to come, as more information comes to light, it is in our collective best interest to focus on gaining a deeper understanding of what we can do to mitigate risk.