Computer hackers by and large focus on the weakest link of an organization’s security system. Whether it’s an unprotected server, a newly discovered system vulnerability, or an unsuspecting employee’s computer that is connected to the corporate network, cyber criminals are experts at sniffing out the weakest link.
On the surface, this week’s breach of 90,000 military e-mails and password hashes may look the same. After all, the hackers claiming responsibility for the break-in did so through an unsecured server in a network that basically had no security measures in place. What’s different about this attack, however, is the exploited server was not the military’s. The server belonged to government contractor, Booz Allen Hamilton. In other words, this criminal strategy went beyond the walls of an organization’s own network defenses.
In the case of the Epsilon security breach, where millions of customer email addresses were compromised, hackers targeted a single entity to steal private data on many of the marketing giant’s big-name customers like Chase, Citi and Target. The Booz Allen hack reverses that scenario. Instead of going after one to get to many, cyber criminals targeted multiple entities to get to one.
Much like the supply chains of the 1990s that tied systems together, today’s business enterprises are built on the same idea. Unfortunately, with a number of different partners connecting in real-time to a central network, an organization’s security is only as good as its partners’ security practices. If even a single partner does not adhere to today’s best practice security standards, what will result is a weakest link of the chain. Cyber criminals know this, and this week’s military breach is a prime example of what happens when hackers exploit a business partner to get to another business.
In today’s world, the epicenter of a cyber attack isn’t necessarily at the core of your network anymore. With so many endpoints connecting to your enterprise, how can you protect yourself when you can’t control the assets people use to get to your network? The fact is, organizations and people are getting hit in and between companies. The fight against cyber crime is becoming more about the weakest link in the entire value chain, not the organization, itself.
Insisting on best practice security standards from all of your partners can be a first step to protecting your endpoints from attacks that start outside of your network. However, relying on your partners to maintain updates to ensure your corporate policies are enforced can potentially leave your network vulnerable to outside attacks. That’s why when pushing security standards, we recommend mandating a proactive security posture for your own endpoints and those of all of your partners. Naturally, we feel strongly that deploying an application whitelisting solution like CoreTrace Bouncer is a key component of that proactive strategy.
by JT Keating
No comments:
Post a Comment