The US is Fighting in the Cyber Trenches

Yes, the US is under cyberattacks – constantly

Being a rich superpower comes with a price, as the US found out the hard way. Especially American healthcare and financial organizations remain popular targets since they are rich pickings for cybercrooks. Infrastructure is another favorite, as are municipalities that often have outdated cyber defenses.

Looking back, 2017 was a peak year with 1.57B data breaches and close to 179M data records exposed (Source: Statistica).

Although it’s only April now, 2018 has already witnessed some pretty scary data breaches.

  • On January 3, 2018, the US Department of Homeland Security (DHS) announced that a former employee had made an unauthorized copy of a database containing the personal information of more than 240,000 current and former DHS employees.
  • In March 2018, JokerStash, a hacking syndicate, announced that it will release information on more than 5 million credit and debit cards stolen from Lord and Taylor and Saks Fifth Avenue.
  • According to the DHS and FBI, Russian government hackers targeted multiple U.S. critical infrastructure sectors, including energy, nuclear, commercial facilities, water, aviation, and manufacturing in March 2018.
  • On March 22, the computer systems of the City of Atlanta were breached by a ransomware attack that crippled the city’s online systems. The hackers locked the data and would only unlock it once they received $51,000 in bitcoins.
  • At the same time, Denver was hit by a ransomware attack pulling down important websites, including denvergov.org and pocketgov.org, and online services. Since the city was able to control the damage, no ransomware was paid.
  • In March 2018, hackers tried to shut down the Baltimore 911 system. The threat was isolated successfully and no other servers or systems across the city’s network were affected.
  • On March 25, Boeing was hit by a cyberattack. Few machines of the company were attacked, while the production equipment remained safe.
  • At the end of March 2018, the FBI announced that 9 Iranian hackers (who worked together with the Islamic Revolutionary Guard Corps, the Iranian hacker network aka the Mabna Institute, and the Iranian government) attacked the computer systems of 144 American universities and stole 31.5 terabytes of valuable data, including scientific research, dissertations, and journals.

What does this teach us? On the hacker side, government-sponsored hackers have joined the fight. As we have seen above, state-sponsored cyberattacks aimed at the US are no exception. In a previous blog, we explained the intricacies of Iran’s cyberwar. As Cymulate, we predict that more such attacks from nations hostile to the US will follow. But ransomware attacks on municipalities will also continue, following the Atlanta and Denver attacks.

To shift gears, the burning question that keeps being asked in board rooms across the US today is: What can be done right now to make sure that our organization will not be hacked and we lose our valuable data?

The answer lies in a comprehensive approach consisting of:

  1. Identifying critical assets
    Organizational networks have grown rapidly, spanning a variety of ecosystems, from virtualized data centers to multi-cloud environments. Combined with the growing number of endpoint devices attached to the network and IoT devices, keeping all of them secure has become a major headache. It’s hard to keep clear visibility of the security posture in this fast-shifting infrastructure. Using a BAS platform such as Cymulate’s, allows organizations to get insight into the overall security posture and get recommendations for mitigation to prioritize (e.g., boosting the security of critical assets first).
  2. Performing risk assessments
    To really get ahead of vulnerabilities, finding out in advance where security defenses need to be bolstered is essential. Risk assessments help to understand the weak spots of the existing system and environment. With a Breach and Attack Simulation (BAS) platform, organizations can focus on protecting and monitoring their complex networks. It allows them to zoom in on those risks that have the greatest impact by constantly aligning their security and business objectives.
  3. Boosting the security of the network architecture
    Network architectures and security frameworks have a tendency to grow in size and complexity, which in turn makes security solutions and controls less effective and more complex.  As a result, the network will have blind spots and limited asset protection. To fully understand their strengths and weaknesses, organizations are advised to run assessments using a BAS platform.

Test the effectiveness of your security controls against possible cyber threats with a 14-day trial of Cymulate’s platform.

Start a Free Trial

Don’t speculate, Cymulate