It seems like every week is an eventful week in cybersecurity, and this week had no shortage of company data breaches, celebrity hackings, and government executive orders. In case you missed any of the big news stories this week, we’ve highlighted and summarized a few for your reading pleasure.
U.S. is the Target Of Massive Cyber-Espionage Campaign
According to sources reporting on the classified National Intelligence Estimate, the U.S. is the target of a massive, ongoing cyber-espionage campaign that threatens the country’s “economic competitiveness.” The assessment does not give figures for the potential financial impact, but experts estimate it to be in the tens of billions of dollars. China is named as the country most aggressively seeking to penetrate the computer systems of American businesses and institutions, but three other countries also made the list: Russia, Israel, and France. China has staunchly rejected the claim, saying the Beijing government neither approves nor executes computer hacking. The National Intelligence Estimate comes at a time when the U.S. government is making an intensive effort to develop security policies addressing cyber-espionage, an increasing threat to the nation’s economic interests. According to officials, the Obama administration is seeking ways to counter the online theft of trade secrets, and on Tuesday, the President signed a Cybersecurity Executive Order. See related story from ZDNet: Obama Signs Cybersecurity Executive Order Ahead of State of the Union.
Read the full story at the Washington Post website.
Over 300K LA Times Readers Exposed to Security Exploit
For over six weeks, The Los Angeles Times unknowingly had malicious code on its website. Originally reported by KrebsOnSecurity in early February, the code, located on its ‘Offers and Deals’ subdomain, redirected visitors to a malicious third-party site equipped with a Blackhole exploit kit. Krebs polled his social media followers, asking for indicators showing that the site was compromised. The response: yes, and it had been going on since at least December 23, 2012. The LA Times originally blamed the redirect on a glitch in Google’s display ad exchange rather than a malware attack. Shortly afterwards, however, people continued to report exploits coming from the site. Following these reports, Manning acknowledged that this was a separate problem from the Google display ad incident and that their tech team was working on it. According to site metrics firm Alexa.com, between December 23, 2012 and the second week of February 2013, some 324,000 LA Times readers were likely exposed to the attack. In a statement released following the incident, the LA Times confirmed that the Offers & Deals platform had been rebuilt and was safe for all visitors to the site.
To read the full article and statement from the LA Times, visit KrebsOnSecurity.
Serious Data Breaches Can Take Years to Detect
According to the Trustwave Global Security Report, during 2012 it took companies an average of 210 days to discover a data breach (up from 2011). The report also found that more than 60% of organizations hit by data breaches didn’t notice what had happened for more than three months, and a few didn’t uncover attacks for years. Other statistics from the report:
- 14 percent of attacks aren’t detected for up to two years, with one in twenty taking even longer than that.
- Retailers with cardholder data were the main segment targeted, accounting for 45% of breaches. Other targeted sectors: food and beverage (24% of attacks), hospitality (9%), and financial services (7%).
- Blackhole Exploit Kits were connected to 70% of all client-side attacks.
A key question that results from the report’s findings: why does it take so long for IT staff to notice the breaches? The most likely answer seems to be that too many organizations rely on antivirus or firewall software, and if attackers are able to successfully sidestep this security layer, there is no other system in place to notice the unusual behavior.
Read the full story at CIO.com.