In many ways, the war between hackers and victims has moved into a more farcical position in the past few years, with fraudsters finding ways to break into the most heavily guarded and protected systems, stealing information and causing hundreds of billions of dollars in damage around the globe each year. Some researchers have forecast that total financial losses will breach the $1 trillion mark within the very near future, and the fact that the public and private sectors have not yet started to slow the spread is disheartening at best.
Now, before diving into the darkly humorous aspects of the modern cybercrime arena, it is important to point out that there will always be hackers who target well-protected systems and are so sophisticated that they achieve the breach regardless of what defenses are in place. As many experts have long asserted, there is no silver bullet in the cybersecurity arena, just ways to minimize risk and mitigate threats as proactively and comprehensively as possible.
On the flip side of that coin, though, sophisticated attackers who can break encryption or take over systems in military departments of governments are few and far between. In many ways, the average business owner should not even concern herself with those types of attacks simply because the more common and likely threats are far more dangerous and voluminous, and will absolutely challenge her company's mettle soon if they have not already.
The vast majority of data breaches have been tied back to missteps taken by employees or negligence on behalf of decision-makers, while a high share are also caused by malware that could be avoided altogether with the right type of training and security investment. At the end of the day, those companies that have the soundest protective practices in place, such as email encryption, data center controls and network defenses, will often be able to stay completely outside the purview of the common hacker.
Now, if anyone needed more evidence that the cyberwar has become a farce, here is another example of how serious matters have become, and just how unprepared some of the most prestigious entities in the world remain.
Iron Dome Blunder
Brian Krebs, writing for his blog KrebsOnSecurity, recently reported that the Iron Dome defense system that is used by Israel to protect itself from missile attacks has been hacked. Yes, one of the most sophisticated weapons systems in the world - and one that is relied upon to protect the millions of citizens within Israel's borders - was breached.
According to the expert, the attacks, which are just beginning to hit the presses now following a study from a threat intelligence company, are believed to have taken place back in 2011 and 2012, while those who produced the report affirmed that the thieves likely originated in China. Right now, officials are in agreement that three defense contractors involved in managing and controlling the Iron Dome system were victimized, while the attackers stole proprietary information.
The same old targets were found to be present in the investigation, and Krebs stated that the intelligence firm's authors believe the hackers were using relatively simple tactics to break into Word documents, emails, spreadsheets and more.
"Once the actors established a foothold in the victim's network, they are usually able to compromise local and domain privileged accounts, which then allow them to move laterally on the network and infect additional systems," the authors explained, according to Krebs. "The actors acquire the credentials of the local administrator accounts by using hash dumping tools. They can also use common local administrator account credentials to infect other systems with Trojans. They may also run hash dumping tools on Domain Controllers, which compromises most if not all of the password hashes being used in the network. The actors can also deploy keystroke loggers on user systems, which captured passwords to other non-Windows devices on the network."
In Krebs' story on this matter, other common outcomes were found to be involved, such as the contractors and Israeli officials pointing fingers at one another, and a serious breach not being detected for years.
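The quoted report describes one reused local administrator credential being used to reach additional systems. As an added example (not from Krebs or the report), the sketch below shows how a defender could flag that pattern in logon telemetry. The records are constructed, shaped like Windows Security event 4624, and the function name, threshold and window are illustrative assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records shaped like Windows Security event 4624 (successful
# logon): (time, destination host, LogonType, TargetUserName, TargetDomainName,
# source IpAddress). LogonType 3 is a network logon; a TargetDomainName equal to
# the destination host name means a local, not domain, account was used.
EVENTS = [
    ("2012-03-01T09:00:05", "WS-01", 3, "Administrator", "WS-01", "10.0.0.50"),
    ("2012-03-01T09:01:10", "WS-02", 3, "Administrator", "WS-02", "10.0.0.50"),
    ("2012-03-01T09:02:30", "WS-03", 3, "administrator", "WS-03", "10.0.0.50"),
    ("2012-03-01T09:03:45", "WS-04", 3, "Administrator", "WS-04", "10.0.0.50"),
    ("2012-03-01T09:02:00", "FS-01", 3, "svc_backup", "CORP", "10.0.0.7"),
    ("2012-03-01T09:05:00", "WS-01", 2, "Administrator", "WS-01", "127.0.0.1"),
    ("2012-03-01T08:00:00", "WS-05", 3, "Administrator", "WS-05", "10.0.0.9"),
    ("2012-03-01T11:00:00", "WS-06", 3, "Administrator", "WS-06", "10.0.0.9"),
    ("2012-03-01T15:00:00", "WS-07", 3, "Administrator", "WS-07", "10.0.0.9"),
]

def local_admin_fanout(events, threshold=3, window=timedelta(minutes=10)):
    """Return {(source_ip, account): [hosts]} where one source used the same
    local account for network logons on >= threshold hosts inside the window."""
    by_key = defaultdict(list)
    for when, host, logon_type, user, domain, src in events:
        # Keep only network logons made with a machine-local account.
        if logon_type == 3 and domain.upper() == host.upper():
            by_key[(src, user.lower())].append((datetime.fromisoformat(when), host))
    alerts = {}
    for key, hits in by_key.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Slide the window start forward until it spans at most `window`.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            hosts = {h for _, h in hits[start:end + 1]}
            if len(hosts) >= threshold:
                alerts[key] = sorted(hosts | set(alerts.get(key, [])))
    return alerts

if __name__ == "__main__":
    for (src, account), hosts in local_admin_fanout(EVENTS).items():
        print(f"{src} used local account '{account}' on {len(hosts)} hosts: {hosts}")
```

Giving each machine a unique local administrator password removes the shared credential this check looks for, so any alert then points at a genuinely unexpected logon.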
Lesson learned, yet?
Although the average business owner or health care organization decision-maker might not be all that interested in weapons defense systems, the point to take away from this story is that even the most sensitive and sophisticated technologies continue to be hacked unnecessarily. As Krebs noted, much of the information was stolen through email accounts and file sharing systems, which are not all that difficult to defend against less sophisticated attacks such as this one.
Now is the time to begin using email encryption, data security and other defenses, and boosting training and awareness among staff members can have a positive impact as well.