The recent story out of Bloomberg about China’s alleged infiltration of the IT supply chains providing hardware to Apple and Amazon still has the security world buzzing. Are the allegations true? Could a hack like the one described in the story actually occur? Apple and Amazon continue to deny the report’s validity. No one is denying that IT supply chains could be compromised. To shed more light on how public and private sector organizations can reduce the odds of having their IT supply chains penetrated, Dtex Systems’ VP of Federal, David Wilcox, penned a byline for Nextgov. It highlights the importance of addressing both the insider threat and external attack vectors. According to David:
No single defensive effort could fully protect the IT supply chain. The federal government will need to lend support and the private sector will have to approach the problem by doing all it can to address gaps in physical and digital security. Although the task seems daunting, there are steps public and private sector organizations can take to reduce IT supply chain risks.
David goes on to highlight and explain the four basic steps organizations should take to reduce supply chain risk. These include: 1) Vet vendors; 2) Address insider threats; 3) Manage vulnerabilities; and 4) Educate humans. For more detail on these steps, read the full article: To Reduce IT Supply Chain Risk, Watch for Insider Threats and External Attackers
As is typical, the final weeks of the old year and the first week of the New Year were filled with examples of insider threat data breaches. Here is a rundown on several:
SC Magazine: Humana says Bankers Life breach exposed PII on insurance policy applicants, by Teri Robinson. According to Teri:
Managed health care provider Humana said an unauthorized third party accessed system credentials of some employees at health insurance company Bankers Life, exposing “limited, personal information” of people who had applied for a Humana policy.
Although it is not always referred to as an insider threat, Dtex frequently observes instances in which negligent actions give outside attackers access to networks, turning them into what we call “infiltrators”: outsiders who gain insider privileges.
For insight into the problem of credential theft, Teri called on Armaan Mahbod, Dtex Insider Threat Team manager. According to Armaan:
Defending against credential-based attacks is one of the most difficult challenges that organizations face today. When malicious actors get access to trusted insiders’ credentials, they are able to access systems, leap from server to server, and find their way to troves of sensitive information. Unfortunately, human error is exposing credentials at alarming rates.
While “visibility is a huge buzzword” that gets tossed around as a solution to preventing attacks, Mahbod said that simple visibility isn’t sufficient when it comes to detecting credential-based attacks. Organizations need context-aware capabilities in order to understand when credentials are being misused.
You can read more about how Dtex provides intelligence with context in: Modern Insider Threat Management: Machine Learning as a Non-Negotiable
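The point Armaan makes above is that a login using valid credentials looks legitimate on its own; what gives it away is context, such as a source host the user has never logged in from, an hour at which they never work, or a run of server-to-server hops in quick succession. The following is an added illustration of that idea, not code from Dtex or from the SC Magazine article: it learns a per-user baseline from constructed historical login events (hypothetical users and hostnames), scores recent logins against that baseline, and reports chains where each login originates from the host the previous login reached.

```python
"""Context-aware scoring of credential use over constructed login events.

Each event is a successful remote login: (timestamp, user, source host,
destination host). A per-user baseline of usual source hosts and login hours is
learned from history; recent events are scored against it, and successive
logins that chain from host to host within a short window are reported as a
lateral-movement chain. All hosts, users and times below are constructed.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed historical logins used to build the baseline (hypothetical data).
HISTORY = [
    ("2018-12-03 09:12", "jsmith", "wks-17", "fileserver-1"),
    ("2018-12-04 10:05", "jsmith", "wks-17", "fileserver-1"),
    ("2018-12-05 14:30", "jsmith", "wks-17", "hr-app"),
    ("2018-12-03 08:45", "aruiz", "wks-22", "fileserver-1"),
    ("2018-12-04 16:10", "aruiz", "wks-22", "erp-db"),
]

# Constructed recent logins to be scored (hypothetical data).
RECENT = [
    ("2018-12-10 09:30", "jsmith", "wks-17", "fileserver-1"),    # usual host and hour
    ("2018-12-11 02:14", "jsmith", "vpn-gw-3", "fileserver-1"),  # new source, 2 a.m.
    ("2018-12-11 02:20", "jsmith", "fileserver-1", "hr-app"),    # hop from first target
    ("2018-12-11 02:31", "jsmith", "hr-app", "erp-db"),          # next hop
    ("2018-12-11 02:39", "jsmith", "erp-db", "backup-srv"),      # next hop
    ("2018-12-10 08:50", "aruiz", "wks-22", "erp-db"),           # usual host and hour
]


def parse(ts):
    return datetime.strptime(ts, "%Y-%m-%d %H:%M")


def build_baseline(events):
    """Per-user set of source hosts and login hours observed in history."""
    baseline = defaultdict(lambda: {"hosts": set(), "hours": set()})
    for ts, user, src, _dst in events:
        baseline[user]["hosts"].add(src)
        baseline[user]["hours"].add(parse(ts).hour)
    return baseline


def score_event(baseline, event, hour_slack=1):
    """Return the contextual anomalies for one login (empty list = normal).

    hour_slack allows logins within +/- N hours of any hour seen in history;
    the comparison does not wrap around midnight, which is fine for a demo.
    """
    ts, user, src, _dst = event
    if user not in baseline:
        return ["unknown_user"]
    profile = baseline[user]
    reasons = []
    if src not in profile["hosts"]:
        reasons.append("new_source_host")
    hour = parse(ts).hour
    if all(abs(hour - h) > hour_slack for h in profile["hours"]):
        reasons.append("off_hours")
    return reasons


def detect_lateral_chains(events, window=timedelta(minutes=30), min_hops=2):
    """Per user, find runs of logins where each login's source host is the
    previous login's destination and each step falls within `window`.
    Returns [(user, [host0, host1, ...])] for runs of at least min_hops logins."""
    by_user = defaultdict(list)
    for ev in events:
        by_user[ev[1]].append(ev)
    chains = []
    for user, evs in by_user.items():
        evs.sort(key=lambda e: parse(e[0]))
        path, last = [], None  # last = (time, destination) of previous login
        for ts, _u, src, dst in evs:
            t = parse(ts)
            if last is not None and src == last[1] and t - last[0] <= window:
                path.append(dst)
            else:
                if len(path) - 1 >= min_hops:
                    chains.append((user, path))
                path = [src, dst]
            last = (t, dst)
        if len(path) - 1 >= min_hops:
            chains.append((user, path))
    return chains


def analyze(history, recent):
    """Combine per-event context scoring with chain detection into alerts."""
    baseline = build_baseline(history)
    alerts = []
    for ev in recent:
        reasons = score_event(baseline, ev)
        if reasons:
            alerts.append({"user": ev[1], "time": ev[0], "src": ev[2],
                           "dst": ev[3], "reasons": reasons})
    for user, path in detect_lateral_chains(recent):
        alerts.append({"user": user, "reasons": ["lateral_chain"], "path": path})
    return alerts


if __name__ == "__main__":
    for alert in analyze(HISTORY, RECENT):
        print(alert)
```

Run stand-alone, the script prints four per-event alerts for jsmith (each flagged as a new source host outside usual hours) and one lateral-movement chain spanning five hosts, while the two routine logins produce nothing. The baseline here is deliberately simple; a production system would use a longer history, per-user and per-host peer groups, and would weight signals rather than treating every anomaly as equal.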
Also last week, the security community was reminded of how easy it has become for employees to gather, remove and store information outside of allowable parameters. There were several stories highlighting this reality. One in particular stood out.
SiliconANGLE, Former NSA contractor offers to plead guilty to data theft, by Duncan Riley. According to Riley:
A former U.S. National Security Agency contractor has offered to plead guilty to one charge of stealing a classified document in an apparent attempt to have multiple other charges dropped. Harold T. Martin III was arrested in August 2016 and was found in possession of 50 terabytes of government data, including documents marked “Secret” and “Top Secret.”
From the Privacy Files
In a world where data collection and analysis practices are increasingly scrutinized, businesses and governments alike are struggling to strike a balance between security and privacy. To assist both sectors in understanding how to ensure security without violating privacy, we commissioned Harris Poll to gain an understanding of how Americans feel about digital activity and behavior monitoring conducted for security purposes. Released in December 2018, the Dtex 2018 Privacy & Cybersecurity Index revealed that a majority of Americans believe it is acceptable for organizations spanning multiple industries to conduct user digital activity and behavior monitoring when it is done to provide defense against threats and breaches. The significance of the findings didn’t go unnoticed by the media. Among those covering the news was Katelyn Caralle of the Washington Examiner. According to the story:
Most Americans are OK with government monitoring Internet use if it will help defend against cyber threats.
A new survey released by Dtex, a company that analyses and tracks Internet user behavior, showed a majority of Americans don’t mind government and social media monitoring citizens online if it will protect against those attempting to obtain user data.
Access the report: THE 2018 CYBERSECURITY AND PRIVACY INDEX