It was recently reported that U.S. Investigation Services (USIS), a major provider of background checks for the U.S. Government, experienced a network compromise. Details surrounding this compromise, such as the method used and the data affected, have not been released. Suffice it to say, given the nature of the work conducted by the USIS, the potential for a compromise of extremely sensitive data, remains high. Similarly, the UPS Store, the shipping and business service retailer, recently disclosed that 51 of its stores in 24 states experienced a data breach caused by a malware. In the UPS breach, additional information was available about the type of data compromised, in this instance, customer credit card data. In the UPS case, we are still awaiting answers about how the malware infection occurred.
While the investigation is ongoing in both of these matters, we are left to make assumptions as to how these compromises succeeded. What can be learned, even before the findings are made public, is the importance of an active and dynamic network security program for both private and public entities. The reality is that motivation for compromising network systems varies from hacker group to hacker group. For some the motivation is monetary, for others it is political (backed by a nation state), and for others it is activism. Regardless of the motive, it becomes clear that all companies and government agencies are potential targets.
Although we don’t yet know how the USIS and UPS Store compromises succeeded, based on recent trends it was most likely a combination of end-user action and the ability of hackers to take advantage of network security vulnerabilities. On the end-user action side, we must continue to remind our network users to employ the utmost care in opening e-mail attachments or clicking on links embedded in e-mail messages. Preventing most network intrusions and data breaches, starts with educating the end-user. However, because we don’t live in a perfect world and when mistakes do occur, security vulnerabilities should be proactively identified and remediated through penetration testing, IT security audits, and regular vulnerability scans.
MSA Investigations cyber-security professionals work with clients to analyze IT networks, perform penetration testing, and develop incident response plans to protect private information from both external and internal threats.
For more information contact MSA Investigations.