Security pros say the Twitter hack highlights how a simple combination of phishing and ‘insider threats’ is the biggest security risk companies need to worry about
Top cybersecurity experts say Wednesday must be seen as a major wakeup call at a time of pandemic, economic uncertainty, and upcoming elections. Allowing the phishing-insider threat combination to persist could bring about a significant loss in the public faith in major world events, the experts say. Wednesday’s Twitter hack — in which some of the most influential social media accounts in the world were commandeered in a bitcoin scam — may seem like the ultimate prank in a long history of social media hacks. But it’s much more than that, say a half-dozen security experts who believe it should serve as a serious warning for the upcoming elections and other world events. While Twitter has yet to release many details about how the incident happened, the company believes it was a “coordinated social engineering attack” on an employee.
Insider-threat security experts unravel the new normal during this time of remote working, and explain how to protect sensitive data from this escalating risk. Insider threats are ramping up – with new kinds of concerns in this category beginning to emerge. This is happening against a heady backdrop: Makeshift home offices, a cavalcade of new distractions and a tectonic shift to the cloud have recently collided to create an entirely new world for enterprise security. It’s a world where companies are simultaneously trying to make all their information available to a diffuse remote workforce, while locking down their most sensitive information. Meanwhile, there’s an expanding roster of potential bad actors ready to take advantage of the confusion. On the insider-threats front, when it comes to knowing precisely what valuable information your company has in its possession, privileged IT users and administrators are the most lethal. Insider threats like these can get easily overlooked, with catastrophic consequences to the entire business, from IT and marketing to customer service.
Bottom Line: Shattering the false sense of security in tech, the recent Twitter hack blended altruism, fame, greed, social engineering via SIM swapping and insider threats to steal $120,000 from victims when the economic and political damage could have been far worse.
In the wake of yesterday’s landmark ruling by Europe’s top court — striking down a flagship transatlantic data transfer framework called Privacy Shield, and cranking up the legal uncertainty around processing EU citizens’ data in the U.S. in the process — Europe’s lead data protection regulator has fired its own warning shot at the region’s data protection authorities (DPAs), essentially telling them to get on and do the job of intervening to stop people’s data flowing to third countries where it’s at risk.
The news: Russian hackers targeted UK, US, and Canadian researchers developing coronavirus vaccines, according to a report from the United Kingdom, American, and Canadian intelligence services. The hackers: The Russian intelligence hacking group known as Cozy Bear or APT29 has been blamed. You might know Cozy from its many previous high-profile cyber-espionage ventures, most notably hacking the Democratic National Committee in 2016. The prize: “Throughout 2020, APT29 has targeted various organisations involved in COVID-19 vaccine development in Canada, the United States and the United Kingdom, highly likely with the intention of stealing information and intellectual property relating to the development and testing of COVID-19 vaccines,” according to the bulletin published by the UK’s National Cyber Security Centre today.
To protect enterprise data, IT teams have to counter risks on two fronts: insider risks where threats come from within the organisation, such as employees handling sensitive data; and outsider risks that originate from malicious external sources. Data loss prevention (DLP) capabilities within a CASB (cloud access security broker) solution have emerged as the most effective platform to prevent legitimate remote users from accidentally or maliciously sharing business data that could put an organisation at risk. Providing visibility into all types of cloud-based applications (SaaS, IaaS and PaaS) running across all types of devices, both managed and unmanaged, is a prerequisite for securing business data against insider threats.
As staggering as this estimate from Research and Markets may seem, it shouldn’t come as a big surprise since cyber attacks have become so rampant that they’re now considered a global threat. Companies are scrambling to adopt various security solutions to mitigate the various attack methods that hackers now employ. Some business leaders think that the more tools they deploy, the better protected they are. However, they often overlook the need to test whether their deployed solutions actually work or if their defensive perimeters have any gaps that attackers can exploit. The stark reality is that it only takes a single vulnerability for hackers to infiltrate your network. Fortunately, checking your defenses is now possible through a variety of testing methods. You can perform vulnerability scans, penetration tests, deploy red and blue teams, and perform breach and attack simulations (BAS). The first two methods are great, but they have limitations. This is why the use of BAS technologies is emerging as the popular approach to testing.
Algorithms can now be considered trade secrets or even patent-worthy. Prevent them from being stolen by taking these security steps. Ogilvy is in the midst of a project that converges robotic process automation and Microsoft Vision AI to solve a unique business problem for the advertising, marketing and PR firm. Yuri Aguiar is already thinking about how he will protect the resulting algorithms and processes from theft. “I doubt it is patent material, but it does give us a competitive edge and reduces our time-to-market significantly,” says Aguiar, chief innovation and transformation officer. “I look at algorithms as modern software modules. If they manage proprietary work, they should be protected as such.” Intellectual property theft has become a top concern of global enterprises. As of February 2020, the FBI had about 1,000 investigations involving China alone for attempted theft of US-based technology spanning just about every industry. It’s not just nation-states who look to steal IP; competitors, employees and partners are often culprits, too.
American border patrol already has significant surveillance powers and collects vast amounts of data on who is flying into and out of the country. But the U.S. has another tool to watch over travellers across the world thanks to a little-known but influential Texan business called Sabre. As the biggest of three companies that store the vast majority of the world’s travel information — from airline seats to hotel bookings — Sabre has been called on to hand over travellers’ data and, on at least one occasion, do “real-time” tracking of a suspect. And, say former employees, the same powerful trove of information could be used to help monitor the spread of the Covid-19 pandemic.
Agency to review potential violations of 2010 settlement. Facebook last year paid $5 billion for breaking privacy pact. Twitter Inc. may face a large fine from U.S. regulators after a hack of several high-profile accounts including former President Barack Obama and Amazon.com Inc. Chief Executive Officer Jeff Bezos. The Federal Trade Commission will review whether Twitter violated a 2010 settlement that resolved allegations that the company failed to safeguard consumer information in a 2009 hack, according to a person familiar with the matter. The 2009 incident, like the recent one, involved phony tweets from some accounts, including then President-elect Obama’s.