The good, the bad, and the ugly of the last week
It’s been quite a week for cybersecurity as Anthem worked through the fallout from their massive data breach the week before, the federal government upped the ante on cybercrime, and Facebook implemented new tools for sharing threat information. But, then again, what week isn’t marked by some serious security news lately?
One message came through loud and clear amongst the security news: end users are often the weak link in the chain. Case in point: Jeb Bush. In the interest of transparency as he considers a run for president in 2016, the Florida governor released hundreds of thousands of emails. As The Verge put it,
“On its face it seems like a great idea in the name of transparency, but there's one huge problem: neither Bush nor those who facilitated the publication of the records, including the state government, decided to redact potentially sensitive personal information from them.”
That sensitive information included social security numbers, names of minors, and more. All of the cybersecurity measures in the world don’t prevent access to confidential information when you post it on a publicly searchable website.
Speaking of end users, investigators reported this week that Anthem’s troubles (“troubles” being an understatement almost as large as their data breach, which may be the largest breach in history) began with employees who fell victim to a phishing scheme. Five different employees, according to multiple reports, revealed network credentials as a result of the scheme.
You know what they say about phishing schemes - one phishing scheme begets another. Or maybe they don’t say that, but they could in the case of Anthem. Scammers are now sending out emails by the millions, claiming to be company representatives and offering credit monitoring to users who click on a supplied link. Not surprisingly, the link is used to steal even more personal information.
I promised not just the bad and the ugly, but also the good in cybersecurity this week. The first bit of good news comes from Facebook which has had its share of security challenges (one reported at the beginning of the month saw 110,000 users infected in just two days by fake links to pornography). To help companies better share threat information, Facebook launched ThreatExchange, an API-based service that lets participating organizations both query and publish data on the latest threats they are facing. According to Mark Hammell, manager of Facebook’s Threat Infrastructure team, the project’s “goal is that organizations anywhere will be able to use ThreatExchange to share threat information more easily, learn from each other’s discoveries, and make their own systems safer.” So far, tech giants including Yahoo! and Dropbox have signed up to participate.
The federal government continues it’s push for stronger cybersecurity measures as well. The White House announced the creation of a new early warning cyber threat center designed to improve security at government agencies. President Obama will also be at a summit at Stanford today where, according to ZDNet,
“The Obama administration is expected to announce executive action aimed at allowing private companies to share cyber-threat data with the government.”
It remains to be seen exactly how all of this sharing plays out, but few would argue that improving the exchange of threat data and increasing analytics and research on emerging attacks is a bad thing.
Now the question is, what will next week hold?