The rash of significant security breeches including Sony, RSA, Lockheed Martin, Epsilon mark a watershed moment in cybersecurity. In general, most attacks of the past could be classified as being based on opportunity. Not anymore. These attacks were all specific targets that comprise espionage and malice of government and corporate institutions. They have become increasingly sophisticated in nature. In the case of Sony PSN, the compromise was known to have covered their tracks to evade detection. In the case of RSA and Lockheed Martin, the linking of these compromises signifies a directed campaign against these institutions. At a minimum it appears that in that case, the attack on Lockheed-Martin was executed by a group seeking to sell to or acted as an agent of a foreign agency of some type. Naturally Lockheed-Martin has not released specifics on the attack, but it is interesting that recent calls by U.S. officials have stated that all retaliatory options are on the table in the event of a “cyber incident”. With this RSA-Lockheed Martin event, there is a certainty that other federal contractors are locking down right now, and an almost certainty that another target will fall, be it corporate or federal in nature using a similar directed attack.
With corporate reputation, customer information, and national security on the line, organizations must double down on security efforts and just like many other challenges, it all starts with applied basics. Locking down all systems, active log monitoring, perform penetration testing, develop and follow your security plan, and train your people. Phishing and other social hacks are tied to a number of these initial compromises and the training of people to have awareness will reduce opportunities for initial footholds into systems.
In general, expense of effort and resource towards security is not a revenue-generating endeavor. But federal and corporate organizations will likely move towards closing security gaps. With renewed alignment of security objectives, communication of those objectives, and resources allocated to these ends, we are witnessing the genesis of sweeping changes in security. The stakes are higher than ever as a majority of the country’s interaction in their daily lives with computing services steadily increases. The mind of a hacker directs them to what a person wants to protect the most, and then targets that specific thing. The mindset of an organization however should be a holistic and consistent approach to people, process, and technology and it appears that may start for some organizations today.