“Data Breach Linked to China Exposes Millions of U.S. Workers”
The New York Times reported on June 4th, 2015
“The Obama administration on Thursday announced what appeared to be one of the largest breaches of federal employees’ data, involving at least four million current and former government workers in an intrusion that officials said apparently originated in China.
The compromised data was held by the Office of Personnel Management, which handles government security clearances and federal employee records. The breach was first detected in April, the office said, but it appears to have begun at least late last year.
The target appeared to be Social Security numbers and other “personal identifying information,” but it was unclear whether the attack was related to commercial gain or espionage. The announcement of the intrusion came amid news that the National Security Agency had expanded warrantless surveillance of foreign hackers, an effort that could sweep up the information of innocent Americans.”
Please rethink the need for enhanced “Firewall Protection, Redundant ISP Connectivity, Cloud PBX, SIP Trunking, and proper Physical Security.”
Corey Nachreiner, the chief technology officer at WatchGuard Technologies, a global leader in multi-function firewalls, spoke to a sold out audience at the Bits By The Bay conference about the cyber security threats and vulnerabilities the broadcast community faces. Sponsored by the protev®, the event was designed to educate broadcast engineers on the long-term trends and vision of the connected age.
“While the Internet has drastically impacted how society communicates, the networking technology behind it has unlocked a wealth of possibilities for sharing and consuming content around the world,” said Nachreiner. “Unfortunately, this connected world has created significant risk to the tune of more than 117,000 incoming cyber attacks happening daily.¹ No industry is safe from hackers.”
To help the broadcast community better understand the cyber threats they face and how they can protect themselves, Nachreiner outlined the dark underbelly of cyber security and how to build the best defense to guard your data.
No industry is safe: Today’s global threat landscape is rising dramatically. As a matter of fact, from 2013 to 2014 security incidents detected by businesses rose 48 percent from 28.9 million to 42.8 million.² As IT and broadcast technologies continue to converge, the door is increasingly being opened for more advanced cyber attackers that prey on technological weaknesses. This is something that Sony Pictures and TV5 Monde know all to well.
Use the kill chain: Sophisticated attacks require defense-in-depth, demonstrated by the cyber kill chain 3.0, which includes: reconnaissance, delivery, compromise/exploit, infection/installation, command and control, lateral movement or pivoting, and objectives/exfiltration. Understanding how to break that chain before it impacts the business can be key to keeping data and information secure.
Visibility into your network: It’s the year of advance persistent threats (APT), which are cutting-edge attacks that try to gain prolonged, stealthy control over a high-value business target. Press and broadcast are now a targeted vertical for these types of attacks, as well as the more common attacks like Spear Phishing, Drive-by Downloads, Watering Holes and Chain-of-Trust. On average, a malicious breach takes 80 days to discover and 123 days to clean up.³ By then, the damage is already done and it’s often because we’re drowning in oceans of data and have poor visibility into our networks.
Protect your business: Using next-generation firewalls and unified threat management appliances are important, especially those with APT protection. It’s also vital that organizations have visibility into its network and data. But, technology can’t solve it all – IT must have end-user awareness and training. It’s also important to patch and update device firmware. And finally, security professionals need to have a disaster recovery plan in place should it all go wrong.
Nachreiner has operated at the frontline of cyber security for 16 years, and for nearly a decade has been evaluating and making accurate predictions about information security trends. As an authority on network security, he is a sought after speaker at forums such as Gartner, Infosec and RSA. He is also a regular contributor to leading publications including CNET, Dark Reading, eWeek, Help Net Security, Information Week and Infosecurity, and delivers WatchGuard’s “Daily Security Byte” video on Facebook.
Tweet this: [email protected] and @Secadept speak to sold out audience @SMPTEConnect at broadcast conference about #cyberkillchain.
About WatchGuard Technologies, Inc.
WatchGuard® Technologies, Inc. is a global leader of integrated, multi-function business security solutions that intelligently combine industry standard hardware, best-of-breed security features, and policy-based management tools. WatchGuard provides easy-to-use, but enterprise-powerful protection to hundreds of thousands of businesses worldwide. WatchGuard products are backed by WatchGuard LiveSecurity® Service, an innovative support program. WatchGuard is headquartered in Seattle, Wash. with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit WatchGuard.com.
WatchGuard is a registered trademark of WatchGuard Technologies, Inc. All other marks are property of their respective owners.
About the Society of Motion Picture and Television Engineers®
The Oscar® and Emmy® Award-winning Society of Motion Picture and Television Engineers® (SMPTE®), a professional membership association, is one of the leaders in the advancement of the art, science, and craft of the image, sound, and metadata ecosystem, worldwide. An internationally recognized and accredited organization, SMPTE advances moving-imagery education and engineering across the communications, technology, media, and entertainment industries. Since its founding in 1916, SMPTE has published the SMPTE Motion Imaging Journal and developed more than 800 standards, recommended practices, and engineering guidelines.
More than 6,000 members – motion-imaging executives, engineers, creative and technology professionals, researchers, scientists, educators, and students — who meet in Sections throughout the world sustain the Society. Through the Society’s partnership with the Hollywood Professional Alliance® (HPA®), this membership is complemented by the professional community of businesses and individuals who provide the expertise, support, tools, and infrastructure for the creation and finishing of motion pictures, television programs, commercials, digital media, and other dynamic media content. Information on joining SMPTE is available at www.smpte.org/join.
Small companies are the new big target: SMBs represent the majority of businesses and nearly 44 percent have already been attacked
Encrypted traffic explodes post Snowden: New WatchGuard Firebox M200 and M300 firewalls chew through encrypted streams 385 percent faster than competitors and 218 percent faster overall with all security engines turned on.
For more information on what you can do to protect yourself and your company contact Clarity Technologies Group, LLC at 800-354-4160 today!