Posts Tagged ‘Cyber Attack’

2016: Year of the Cybercriminal

Brian Heckert

Principal Content Editor, Dell EMC
My first long-term exposure to technology was the typewriter. I still love that invention, which really sparked my interest in writing. For the past 20 years, I have worked in high tech as a content development specialist, marketing writer, and documentation editor. Prior to working in the software industry, I was a journalist, photographer, photo editor, and military fire fighter. After hours, I enjoy spending time with family, reading, and hiking in the mountains.

US$1,000,000,000. That’s the estimated cost of ransomware to individuals and businesses in 2016. In the first quarter of 2016 alone, ransomware cost organizations US$209 million. Keep in mind that ransomware is just one type of cybercriminal activity. Although final numbers for 2016 are not yet known, based on the frequency and sophistication of the attacks so far, it’s likely that 2016 will end up as the most lucrative year on record for cybercriminals. The latest numbers show that there were more than 2 billion records leaked in 2016.

Here are just a few of the biggest cyberattacks in 2016:

Government
Even the U.S. government is not immune to cyberattacks. In February, the Department of Justice was attacked by hackers who published contact information of 20,000 FBI employees. That was just a day after the same hackers posted contact information of 10,000 Department of Homeland Security employees. Shortly after these attacks, the cybercriminals taunted the Feds, stating that they did what they said they would do.

High tech
Data from at least 500 million user accounts was stolen from Yahoo! users. The cybersecurity breach actually occurred in 2014 but was only confirmed by Yahoo! this past September. According to Yahoo!, “The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers.”

Healthcare
Hospitals operated by the $5 billion healthcare provider MedStar Health were attacked by ransomware in March. Thousands of patient records could not be updated and in some cases could not even be accessed by healthcare staff. As a result, patients were turned away or were treated without important computer records.

Education
A data breach at the University of California, Berkeley, affected the institution earlier in the year, compromising the financial data of 80,000 students, alumni, employees and former employees. The hackers exposed Social Security and bank account numbers. The breach occurred when software was being patched.

No organization is immune
The attacks mentioned above are just a few of the thousands of cybercrimes that occur worldwide each day. Government, high tech, healthcare, education, etc.—no one is immune from a cyberattack. Clearly, if you’re connected, you’re vulnerable. Fortunately, there are precautions you can take to prevent a cybersecurity disaster. According to the Federal Bureau of Investigation (which is the lead federal agency for investigating cyberattacks), you can protect yourself and your organization from cyberattacks by: (more…)

Ransomware Hits Light-rail System, Resulting in Lost Revenue

Brian Heckert

Principal Content Editor, Dell EMC

Ransomware really gets around, faster than even the best form of mass transportation can move busy commuters to work.


Recently, ransomware caused the San Francisco Municipal Transportation Authority (SFMTA) light-rail system to lose revenue when the organization shut down ticket machines and fare gates as a precaution against the malware attack. According to the SFMTA site, ransomware mainly infected 900 office computers. However, another source claimed that more than 2,000 computers were infected, including office admin desktops, CAD workstations, email and print servers, employee laptops, payroll systems, SQL databases, lost and found property terminals and station kiosk PCs.

The ransomware scrambled the data on infected hard drives, posted a message on corresponding computers (“You Hacked, ALL Data Encrypted, Contact For Key (cryptom27@yandex.com) ID:601.”), then demanded a 100 Bitcoin ransom (approximately US$75,000) before the cybercriminals would agree to hand over a master decryption key that would allow the SFMTA to decipher the data ransomed on the infected hard drives.

Ransomware is a threat to businesses that already costs millions of dollars each year, and unfortunately is prevalent and grows more sophisticated. There are literally millions of new malware variants each year. In 2015 there were 431 million variants added, according to the Internet Security Threat Report.

Using a variety of attacks, criminals can inject malware into your network, which then holds your data or other systems hostage until you pay a ransom. Ransomware gains access to a computer system through a network’s weakest link, which is typically a user’s email or social networking site. Once a user clicks on a malicious link or opens an infected attachment, the malware spreads quickly throughout the system.

When a file or other data is held for ransom, the affected organization must meet the financial demands of the cybercriminal in exchange for a decryption key to “unlock” the ransomed data. If you don’t pay the ransom, you forfeit access to your computer and the data that’s on it. You also forfeit access for others to shared documents and data, compounding the impact exponentially. You might think that’s the worst case. Not so. (more…)

To Encrypt or Not? It’s Not Even a Question

Scott Delandy

Technical Director, EMC Core Technologies Division
Scott Delandy is Technology Director with EMC’s Core Technology Division (including VMAX, XtremIO, VNX, Data Domain, VPLEX, and RecoverPoint). Scott has been in IT for 25 years and has a wide range of expertise across storage, virtualization, mission critical systems, and cloud computing. In his current role, he is responsible for driving strategy and technology alignment across product groups, working with users and partners to accelerate IT transformation initiatives across infrastructure and operations, and managing CTD's Leadership Development Program to identify, mentor, and develop high potential talent. His previous roles include product management, market and technology analysis, and technical field support. Scott is also a member of the EMC Elect social media community, an EMC TV correspondent, and is SPEED certified.

As an IT organization, how confident are you that your organization’s data is secure and protected? From a protection perspective, it’s generally expected to have RAID protection, redundant copies and backups, disaster recovery plans, etc. All essential good practices. But how secure are you from unauthorized access to data? Even when the data is at rest and believed to be secured within your trusted enterprise storage system?

It’s becoming an increasingly important topic as infrastructure teams look at their security requirements across the lifecycle of their storage systems. Operational and process questions related to security are starting to come up. What happens to the data when a drive is replaced? What happens when data is migrated and a system is repurposed? What happens at the time of a refresh when a system is decommissioned? And what is being done to prevent potential security breaches, such as if a drive is accidentally lost, or even worse, stolen?


Because of these growing concerns, many organizations are looking at how their security requirements are changing. Some of these changes are being mandated by government and industry regulations. Many are also the result of internal mandates being driven by the security teams. Data at rest encryption is now playing an increasingly important part in an overall storage strategy. It’s expected that within the next few years, most, if not all, data at rest will be encrypted. This is why every user we talk with considers encryption to be a “check the box” required feature for storage going forward.

VMAX D@RE – How does it Work?
VMAX provides secured array-based data at rest encryption via “D@RE”. VMAX D@RE encrypts all user data on the array at the drive level. Every drive has its own unique encryption key and all drives within the VMAX are encrypted, including vault drives. If drives are removed from the array (i.e., drive sparing), their keys are instantly destroyed as part of the replacement process. If an array is retired, the admin can permanently delete all copies of keys on that array, making the data indecipherable and helping address requirements around secure erasure of the system.

VMAX D@RE – Why’s It Different?
VMAX Array based encryption has three key advantages over other encryption alternatives.

No compromise: D@RE preserves all data services, including replication and, more importantly, compression. Alternatives that encrypt at the array level then compress at the drive level cannot combine the two capabilities. This is because encrypted data does not compress (since it’s all unique), forcing users to compromise functionality and choose one or the other, but not both.

Performance: D@RE is faster than host or app-based encryption without the use of hardware-based accelerators. Since D@RE is hardware-based at the array level, there is zero performance impact to the app, server or storage. In addition, data erasures are instant, since only the encryption keys need to be deleted to make the data inaccessible. That’s a key advantage, especially when an entire system, with hundreds of TBs of data, is being replaced.

No fail destruction: And finally, it works even on badly failed drives. That’s important because when your drive fails, it can fail badly enough that it can’t be overwritten to remove private information. With drive-level encryption, even though the failed drive might be “unreadable”, not being able to destroy the data securely still violates many security processes. With D@RE, you can simply destroy the key from all locations and you’ve crypto-shredded, or effectively made unreadable, the data on the drive. (more…)
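
The compression-ordering and key-destruction points above can be seen in a small model. This is an added example, not Dell EMC code: `ToyArray`, its methods and the sample data are hypothetical, and the SHA-256 counter-mode cipher is a stand-in chosen only so the block runs with the Python standard library.

```python
import hashlib
import secrets
import zlib

def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode), a stand-in for the array's real cipher."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

class ToyArray:
    """Hypothetical array: one unique key per drive, keys held apart from the drives."""
    def __init__(self):
        self.keys = {}     # drive name -> 32-byte key (the key store)
        self.drives = {}   # drive name -> list of (nonce, ciphertext) as stored on media

    def add_drive(self, name: str) -> None:
        self.keys[name] = secrets.token_bytes(32)
        self.drives[name] = []

    def write(self, name: str, plaintext: bytes) -> int:
        # Compress first, then encrypt: the redundancy is still visible to zlib here.
        nonce = secrets.token_bytes(16)
        ct = stream_xor(self.keys[name], nonce, zlib.compress(plaintext))
        self.drives[name].append((nonce, ct))
        return len(ct)

    def read(self, name: str, index: int) -> bytes:
        nonce, ct = self.drives[name][index]
        return zlib.decompress(stream_xor(self.keys[name], nonce, ct))

    def retire_drive(self, name: str) -> list:
        # Crypto-shred: delete the key; nothing on the (possibly failed) drive is rewritten.
        del self.keys[name]
        return self.drives[name]   # what physically leaves the array

def encrypt_then_compress_size(plaintext: bytes) -> int:
    """The reverse order: ciphertext looks random, so zlib finds nothing to remove."""
    key, nonce = secrets.token_bytes(32), secrets.token_bytes(16)
    return len(zlib.compress(stream_xor(key, nonce, plaintext)))

SAMPLE = b"patient-record;" * 2000   # constructed, highly redundant sample data
```

Writing `SAMPLE` through `ToyArray.write` stores a small fraction of its 30,000 bytes, while `encrypt_then_compress_size(SAMPLE)` stays at roughly the full size; after `retire_drive`, `read` fails because the key no longer exists, even though the ciphertext is untouched.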
