Let’s be honest: When it comes to data breaches, it’s more fun hearing about titillating pictures of celebrities being stolen than the average cybercrime. But with all due respect to the celebrities whose privacy has been invaded, there’s a very different new hack that will likely take up far more of the FBI’s time, and with good reason. This one potentially affects millions of consumers who did nothing worse than shopping at Home Depot.
If this has the whiff of déjà vu, it should — it’s very much like the massive breach that occurred at Target’s retail outlets late last year. That one, you might remember, directly involved the financial information of 40 million customers, and the personal information (includes addresses and phone numbers) of 70 million individuals. The same intrepid security reporter who broke the news of the Target breach is now saying that numerous banks are “seeing evidence that Home Depot stores may be the source of a massive new batch of stolen credit and debit cards that went on sale this morning in the cybercrime underground.”
So why does this keep happening? And what can be done to prevent it?
First — and many institutions are surprisingly reluctant to accept this premise — security has to be seen as a top-level business priority rather than an IT-specific issue. Just ask Target: The company has registered a drop in store traffic, profits have fallen significantly and several executive heads, including the CEO, have rolled in the aftermath.
Compared to that episode, this new breach could be. . .even worse. Home Depot actually has more U.S. locations than Target, which means more (and more disparate) customers. And in this instance, there’s already informed speculation that the perpetrators may be the same Eastern European hackers who invaded not just Target but also Sally Beauty and P.F. Chang’s, and many others that didn’t get the same attention. The evidence also indicates that the stolen cards are currently being shopped around on the same underground store used in those cases.
Another and potentially more insidious fear is that in every such episode, there might be internal parties involved or an attacker posing as an employee on the network — both are equally dangerous. Corporations are understandably inclined to trust their employees, and most deserve that trust, but all it takes is one bad apple or stolen credential for things to go terribly wrong. Ignoring insider threats and putting blind faith in your team is naïve and careless. So is assuming that data is secure if it is within your data center.
In a cloud-based infrastructure that is designed specifically to offer great flexibility, it can be ridiculously easy to gain the administrative controls needed to hack into sensitive databases or even crash the system from a laptop. It’s been done, and done often.
So even before all the details are in, let’s hope that this is a real wake-up call. The interconnected data centers linking vendors, financial services providers and consumers carry an incredible concentration of risk, and represent an irresistible goldmine for attackers. Making information security a top priority isn’t just sound IT policy, it’s good business.
Eric Chiu is co-founder and President of HyTrust.
No comments:
Post a Comment