On Sept 7, 2017, Equifax announced they were hacked sometime between May and July of this year. The incident potentially impacts around 143 million U.S. consumers, exposing names, Social Security numbers, birth dates and more. All the ingredients identity thieves need to cook up some misery.
Obviously, we all have reason to be concerned by this breach of our own personal security, identity, and finances. We can take measures such as setting up credit monitoring, security freezes, and extra care with inspecting our personal accounts. Although this was a breach of consumer info, don’t overlook the implications to your corporate cyber security.
This breach has received a lot of media attention, so your users will want to know what happened and whether or not their data was compromised. Cyber criminals will certainly take advantage of the consumer fear using phishing attempts and any other means they think viable. They will prey on fear, and some of these criminals will trick users into thinking they are protecting themselves by clicking on links, downloading malware or exposing credentials while using corporate assets. Essentially, this well-publicized breach will be the launching pad for further breaches in other organizations. It’s time for extra vigilance.
There are two principal areas to consider while mitigating this risk: people and technology. I’ve written previously about people aspect and the necessity for security awareness programs. Inform your users about what happened at Equifax and what they can do to protect themselves. Let your people know that they will be targeted and try to give them as many tools as possible to protect themselves.
On the technology front, do you have systems in place that can identify phishing attempts and block them? Can you detect and prevent unusual user or device behavior? Do you have insight into the traffic that transverses your network? Can you detect lateral movement of an attacker and automate a response?
I’m afraid the days of preventing cyber criminals from getting into your network are long gone. We must assume they will get in, and turn our focus to reducing the time it takes to detect and respond. Think about this: It took months for Equifax to detect and respond to its breach, and given the size of that breach, that was obviously too long. Determining the size of the financial impact will take even longer.