Network Security Has Fundamental Problems

A breach has many looks…

THE fundamental problem is highlighted in this article:

http://www.infosecurity-magazine.com/news/15mn-affected-medical-information/

Beyond the obvious headline grabber, “1.5mil records stolen by hackers,” I am going to compile a few sentences from the article and then discuss them:

{He added, “Every healthcare firm, large and small, that stores patient data is at risk of a breach and more needs to be done to protect consumers against these cyberattacks.”}

The hackers had access to the network for 3 weeks before the company even knew of the breach, so it is very likely that PII (Personally Identifiable Information), with Social Security numbers, addresses, and names, was taken.

I think this is the most interesting sentence:

{ “As other sources have also mentioned, authorities are also concerned that this information will be used to defraud the government, and they don’t even know how they’re doing it,” he added. }

In other words, once the criminals have PII data, they can use it in a variety of ways.

The fundamental problem I am referring to is that all it takes is one mistake for the hackers to have a breach, and after the breach they can exploit and control.

This breach, exploit, and control sequence takes time to find amid the massive amount of false positives and other data streaming onto the defenders' screens.

The good news for this company is that they found the breach in 3 weeks; normally it takes 7 months.

Why else was Sony such a spectacular failure? The hackers were in the network for months, planning and plotting before executing their destruction plan.

Not only do we find it difficult to find breaches, but we also have no way to stop the sale of the stolen PII data.

We must review our logs for breaches, but the very act is a problem, as the sheer volume of data strains our resources.

We have to get better at finding breaches, both from our own networks and, once the data is on the Darkweb, through threat intel, to confirm (or note) a breach.