Homeland Security Issues Cyberattack Warning
The Department of Homeland Security has issued a cyberattack warning about malware being implanted in critical systems in the IT, healthcare, communications and critical manufacturing industries throughout the country.
“These attacks could lead to full network compromise, long-term undetected attacks, and compromise/exploitation of systems and data, essentially putting both operations and patient safety at risk,” Mac McMillan, the president of the security consulting firm CynergisTek, said to Bank Info Security.
This attack has been happening since at least May of 2016, and the hackers are using stolen administrative credentials to access the vulnerable systems. This means that companies without identity verification systems are at substantial risk from the attacks.
Outcome From the Attacks
DHS is still investigating the attacks, and it believes that targeted organizations could lose all of their sensitive proprietary information permanently. Some organizations are also at risk of losing millions of dollars due to restoring any lost or compromised systems and files.
What Caused the Attacks
Since the attacks are still being investigated, it’s not entirely known what caused them, although it’s safe to say that a lack of security protocols probably played a big role. The fact that administrative credentials were so easy to steal means that these organizations don’t have multifactor authentication in place for their systems.
It has to be said until every organization realizes the danger: identity proofing, for yourself and for the systems that store your valuable data, is one of the most important security measures you can take. To take even more proactive steps, a vendor risk management security solution will protect you from any third-party vendors who might act maliciously toward your business.
How to Detect if You’ve Been Attacked
“All organizations that provide IT services as a commodity for other organizations should evaluate their infrastructure to determine if related activity has taken place,” noted the DHS in their alert. “Active monitoring of network traffic for the indicators of compromise… as well as behavior analysis for similar activity, should be conducted to identify command and control traffic.”
You can read more on the story from Bank Info Security, here.