Our Solution
Back
OUR SOLUTION
Capabilities
Predict, prevent, detect, and respond
How It Works
People, platform, and process
Use Cases
By threat, environment, or industry
Talk to a Cybersecurity Advisor
See how we deliver managed threat protection
WHY NETSURION
Back
WHY NETSURION
Key Business Benefits
Powerful yet practical cybersecurity
Industry Leadership
Perennial recognition for innovation
Customer Success
Driven to be your trusted partner
Partners
Back
PARTNER PROGRAM OVERVIEW
Partner Program Benefits
Our solutions are built for service providers
Become a Partner
Grow your cybersecurity practice
Insights
Back
VIEW ALL INSIGHTS
Articles
Read the latest from our blog
SOC Catch of the Day
Real stories of threats we reel in daily
Cybersecurity Q&A Videos
Answering your toughest cybersecurity queries
Webcasts & Events
Join us in-person or online to learn more
Company
Back
MEET NETSURION
Leadership
Meet our management team
News
Press releases and news stories
Careers
Check out our current openings
Contact Us
Talks to sales or support
MyNetsurion
Support
Partner Portal
Contact Us
Once More Unto the Data (Breach), Dear Friends
Home
Insights
Articles
Once More Unto the Data (Breach), Dear Friends
5 min read
As I reflect on this year, a Shakespearean quote plays out in my mind – when King Henry the Fifth is rallying his troops to attack a breach, or gap, in the wall of a city, “Once more unto the breach, dear friends”. Sadly, this has become the new normal. But even more so, 2017 has felt like Lemony Snicket's,
A Series of Unfortunate Events
. There were massive data breaches, unintended exposures of sensitive information on the internet, and other unfortunate tech incidents.
Here are the five to illustrate the variety:
Dallas Emergency Sirens
: Just before midnight on a Friday in early April, all 156 of the emergency sirens in Dallas started sounding simultaneously for no apparent reason. The hubbub lasted a full 90 minutes before the sirens could be manually overridden and shut down, during which time panicked residents flooded 911 with calls. Dispatchers who typically pick up within 10 seconds were so overwhelmed that the wait time hit six minutes. Officials blamed hackers for the intrusion into their emergency alert system. Nobody had ever thought this could happen.
WannaCry
The National Security Agency has for years been diligently finding major weaknesses in commonly used pieces of software. Instead of alerting the affected companies about the vulnerabilities, however, it’s been hiding those aces up its sleeve for future use. This year, a group of hackers calling themselves the Shadow Brokers, stole a bunch of those exploits then proceeded to turn them loose on the internet. North Korea used one such NSA-developed hacking technique to target Windows, resulting in a piece of ransomware called “WannaCry” that crippled an estimated 230,000 computers around the world. Brad Smith, Microsoft’s Chief Legal Officer remarked,
"An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen.”
State Election Systems
: Russian hackers targeted election systems in 21 states during the 2016 presidential election (to say nothing of their
activity on Facebook
,
Twitter
, Reddit, etc.), as part of what the Department of Homeland Security called “a decade-long campaign of cyber-enabled operations directed at the U.S. Government and its citizens.” Jeanette Manfra, acting as assistant secretary for the office of cybersecurity and communications, told the Senate Select Committee on Intelligence that
"the cyberattacks were intended or used to undermine public confidence in electoral processes.”
: In September, consumer credit ratings agency, Equifax, revealed hackers had stolen the personal details of roughly half of all Americans – 143 million people. Equifax waited five months to tell anyone and then
bungled
its response, initially forcing those affected to sign a legal document prohibiting them from joining a class-action suit, then inadvertently directing potential victims to a fake phishing site which proceeded to steal yet more information.
Deep Root Analytics
: This summer, a Republican data analysis company called Deep Root Analytics left
exposed
a 1.1-terabyte online database containing the personal information of 200 million American voters. Not just birthdays and addresses, this leak included deeply personal information about individual voters, including their likely stance on abortion, gun control, stem cell research, environmental issues, and 44 other categories.
Will 2018 be better?
There is the promise of advancements in fields like AI and machine learning. And we could learn from our mistakes but nah, not really. I don't mean to be a
nattering nabob of negativism
. Given the increasing penetration of IT in every facet of life, so long as those tasked with administering these increasingly complex systems are equipped with weaponry from the last war, then it’s hard to see improvement.
Still bringing a knife to a gunfight?
SIEMphonic
can help level the odds.
Build, Buy, or Partner Your SOC
Download the Whitepaper
Related Articles
5 min read
Incident Response: Whose Job is It?
7 min read
Six Proactive Steps to Expand Attack Surface Coverage
10 min read
Best Practices for MSPs Offering Security Services