Last week, I ran across a column by CNN’s Sean Lyngaas called Hackers Have Breached Organizations in Defense and Other Sensitive Sectors. Security firm Palo Alto Networks recently discovered that suspected foreign hackers have breached nine organizations in the defense, energy, health care, technology, and education sectors. These nine confirmed victims are the “tip of the spear,” according to Palo Alto Networks executive Ryan Olson.
It’s not clear how the hackers compromised the victim organizations, but they stole passwords so they could maintain long-term access to these networks. Once inside, that access also lets them reach any unprotected Data At Rest (DAR).
Long-term access by hackers is an insidious threat. In the 2020 SolarWinds attack, the Russian Foreign Intelligence Service (SVR) injected malicious code into a software program called Orion. Orion is used by tens of thousands of companies, organizations, and government institutions around the world to manage their networks. This attack wasn’t discovered for months. By then thousands of user networks had been compromised, including U.S. Federal agencies like the Pentagon, State Department, Department of Energy, National Nuclear Security Administration, and Treasury. Especially embarrassing was the fact that the hackers used this attack vector to work their way into the Cybersecurity and Infrastructure Security Agency (CISA), the group at the Department of Homeland Security charged with protecting Federal computer networks from cyberattacks.
In a “supply chain attack” called Zombie Zero, a contract manufacturer worked hand-in-hand with a hacker organization. The manufacturer loaded compromised firmware into handheld barcode scanners. These scanners were then distributed to targeted organizations, which included several Fortune 100 companies. When one of the scanners was installed on a network inside a victim company’s firewall, it infected the network and exfiltrated every piece of scanned data (item type, source, destination address, and more).
The huge responsibility of setting the vision, strategies and programs to protect data from cyberattacks falls on the shoulders of the chief information security officer (CISO). Tripwire.com has a series of articles discussing the role of the CISO, including an interesting interview with Mark Ruchie. Mark is the CISO at Entrust, which happens to be based in my hometown Minneapolis (Go Twins!). Entrust helps financial institutions, corporate enterprises, national governments, and other organizations establish trusted identities and conduct highly secure transactions.
Mark talked about the transition from being a US Air Force second lieutenant to managing global-scale cybersecurity. He also discussed threats to public cloud environments, multi-factor authentication (MFA), endpoint detection and response (EDR), and extended detection and response (XDR).
Most of what Mark discussed referred to securing data in use and data in flight, but securing Data At Rest is just as critical a piece of a zero-trust solution. Because zero trust assumes the threat actor is already present on the network, organizations must ensure that no one is allowed access to all of the data inside the organization. The days of physical perimeters have long passed. Many recent security breaches and data loss incidents have been traced to unauthorized access to sensitive information, often because computers and/or their drives were lost or stolen. Securing stored data will always be necessary.
At DIGISTOR, we specialize in helping military and government agencies, OEMs, system integrators, and commercial organizations find the right encrypted storage solution to secure their DAR. With a wide range of secure storage offerings, from bare drives to removable solutions to Commercial Solutions for Classified (CSfC)-ready SSDs, we can help. If you have any questions about how securing Data At Rest might apply to your own data security requirements, please feel free to contact us.
Whitepaper: Is Your Data at Rest (DAR) Truly Secure?
Article on EEJournal.com: Secure Your Data at Rest, Stupid!