Cyber Security Threats: Why Detection Takes So Long
The recent Equifax data breach compromised consumer data on an almost unbelievable scale, exposing millions of Americans to the risk of identity theft for the rest of their lives. While notable for its size and severity, it’s just another notch in a long series of major data security breaches. Despite growing awareness of cyber security threats, companies routinely fail to detect major attacks until it’s far too late.
The Equifax Data Breach
On September 7th, Equifax announced a massive breach. Hackers had exploited a security vulnerability in the company’s software starting on or around May 13th. They proceeded to steal personal information about consumers, “primarily including names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers.”
Breaches are a fact of life, but what was shocking was the sheer extent of the breach. Approximately 145.5 million Americans had had their information stolen from the credit reporting agency. Think about that number. The population of the United States is about 323 million. So far, only about 450 million Social Security numbers have ever been issued. The hackers made off with the data of about 45% of all Americans, and nearly ⅓ of the Social Security numbers in existence.
Downloading all that data isn’t quick or easy. Your network logs who is connecting to it, and what data is flowing in or out, and a security team should notice when someone starts downloading a massive amount of information — at least, they’re supposed to. It takes time to steal all that data. In Equifax’s case, 2 ½ months (from May 13th to July 30th). How did hackers exploit a known vulnerability, and compromise the information of so many people over such a long time?
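One way a security team could notice that kind of sustained download in outbound flow logs, shown as an added example that is not part of the original article or any vendor's product. The host names, byte counts, and threshold parameters are constructed assumptions. It compares each host against its own recent baseline and keeps alerting days out of that baseline, so a transfer that runs for weeks is not learned as normal.

```python
from collections import defaultdict
from statistics import median

# Constructed daily flow summaries: (day, internal_host, bytes_sent_outbound).
# Host names and volumes are invented for illustration.
FLOWS = (
    [(d, "web-01", 400_000_000 + 10_000_000 * (d % 3)) for d in range(1, 21)]
    + [(d, "db-07", 50_000_000 + 5_000_000 * (d % 2)) for d in range(1, 11)]
    # From day 11 db-07 sends 300 MB/day: about 6x its own norm, yet still
    # below web-01's ordinary traffic, so one site-wide threshold would miss it.
    + [(d, "db-07", 300_000_000) for d in range(11, 21)]
)


def daily_totals(flows):
    """Sum outbound bytes per host per day."""
    totals = defaultdict(lambda: defaultdict(int))
    for day, host, nbytes in flows:
        totals[host][day] += nbytes
    return totals


def egress_alerts(flows, baseline_days=7, k=5, slack=10_000_000, freeze=True):
    """Return [(host, day, bytes)] where a host exceeds its own baseline.

    Threshold = median + k * max(MAD, 5% of median) + slack, computed over the
    last `baseline_days` days of history. With freeze=True, alerting days are
    kept out of that history, so a long-running transfer cannot become the
    new "normal".
    """
    alerts = []
    for host, per_day in sorted(daily_totals(flows).items()):
        history = []
        for day in sorted(per_day):
            total = per_day[day]
            flagged = False
            if len(history) >= baseline_days:
                window = history[-baseline_days:]
                med = median(window)
                mad = median(abs(x - med) for x in window)
                flagged = total > med + k * max(mad, med // 20) + slack
            if flagged:
                alerts.append((host, day, total))
            if not (flagged and freeze):
                history.append(total)
    return alerts


if __name__ == "__main__":
    frozen = egress_alerts(FLOWS)
    rolling = egress_alerts(FLOWS, freeze=False)
    print("frozen baseline :", [(h, d) for h, d, _ in frozen])
    print("rolling baseline:", [(h, d) for h, d, _ in rolling])
```

With the rolling baseline (`freeze=False`) the alerts stop after four days, because the elevated volume has become the median.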
Equifax is Just the Latest Massive Cyber Breach
Even if Equifax were a fluke, it should give cyber security experts plenty of reason to worry — but it isn’t. Breaches aren’t unusual, no matter the industry. There have been a series of major breaches exposing hundreds of millions — or in one case, billions of users. In some cases, the breaches took years to discover, leaving users completely exposed. Here are a few examples:
- Yahoo!
In late 2016, while negotiating a sale to Verizon, Yahoo! made a disturbing announcement: it had fallen victim to a massive breach, compromising the email addresses, names, telephone numbers, and birthdates of hundreds of millions of customers in 2014.
The news turned out to be even worse than the company thought. There had been multiple breaches, including a 2013 attack compromising three billion accounts, including passwords. Literally every single Yahoo! email, Tumblr, Flickr, and Fantasy account was compromised in 2013, leaving users exposed and unaware for three years, while their data was sold on the dark web.
- Office of Personnel Management (OPM)
In 2012, hackers (most likely, a state-sponsored team from China) perpetrated one of the most serious cyber security disasters in US history. The OPM provides background checks for federal employees, conducting interviews of friends, family, and neighbors for high-security jobs.
The hackers stole the records of 21.5 million people, including detailed information about their families, past residences, foreign travel, health records and other sensitive information. The House Committee on Oversight and Government Reform was candid on just how damaging that breach was. Its report was titled “The OPM Data Breach: How the Government Jeopardized Our National Security for More than a Generation.”
- The Carbanak Breach
The Carbanak breach wasn’t about data — but it shows just how sophisticated cyber security threats have gotten. According to Kaspersky Lab, hackers targeted up to 100 financial institutions in 30 different countries starting in late 2013, doing an estimated $1 billion in damages, and got away with it. Think about that — the financial industry is arguably the most secure, yet hackers were able to steal up to $1 billion from banks across the world, and get away with it.
Why Cyber Security Breaches Happen
IT security is complicated, because IT is complicated. Organizations need to provide instantaneous access to employees, customers, and others all over the world, while keeping the bad guys out. Some of the factors are:
- Insider Threats
If a user can access a resource, they can compromise that resource. Sometimes users do it maliciously — for example, selling off data or sabotaging a database to get revenge for perceived mistreatment. More often, however, the insider threat is a mistake. A user might create a weak password, leave their account logged in on a shared computer, log in via an insecure connection, or screw up in any one of thousands of other ways.
- Unpatched Vulnerabilities
Software providers and third parties work hard to test their software, find vulnerabilities and release patches. Unfortunately, as soon as a patch is released, the bad guys start looking for ways to exploit the vulnerability. If your company is taking 6 months or so to apply patches, that gives hackers an opportunity to exploit new vulnerabilities to gain access to your landscape.
- Lack of Access Controls
The fewer users who have access to a particular piece of sensitive information, the less likely that information is to be compromised. The fewer permissions a user has, the less damage a hacker can do if they compromise that user’s account. Ideally, each user should have the minimum access necessary to do their job — no more. Unfortunately, many companies don’t adequately address segregation of duties and other compliance controls, leaving their landscapes more exposed to cyber security threats.
- Third Party Errors
Banks, vendors and other third parties need access to your landscape for you to run your business — for example, to process financial transactions or provide support. Unfortunately, hackers can target the portals they use as a means to gain access to your landscape.
- Inadequate Network Security
Your network itself can be an invaluable defense against cyber security threats — or a source of dangerous vulnerabilities. Unfortunately, most companies don’t put enough effort into network security architecture best practices like hardening and segmentation, potentially leaving gaps hackers can use to gain access.
How to Beat Cyber Security Threats
The most challenging thing about security is its scope. There are many aspects of your landscape that lie outside of traditional cyber security, but still have security ramifications. For example, patching software and configuring SAP aren’t really security’s job — they’re handled by your SAP Basis support team — but if those tasks aren’t handled properly, they can lead to intrusion. Similarly, if you’re buying hosting from a company with sloppy data center security practices, that can increase certain risks, even if you have a good third-party security provider.
To protect against cyber security threats, you need a solution designed from the ground up with security in mind. Everything from network engineering, to data center monitoring, to patching, to intrusion detection and prevention plays a role in keeping your landscape safe.
Be Secure With Symmetry
As a leading SAP hosting and managed services provider, Symmetry has what it takes to keep your company safe. From protecting your data in our ultra-secure Tier 3 data centers to high-touch Basis support and our comprehensive cyber security services, we address all the attack vectors enterprises face — not just those that fall under “security.”
About Scott Goolik – VP, Compliance and Security Services
Scott Goolik is VP of Compliance and Security Services at Symmetry. A recognized expert in the field of SAP security and compliance, Scott has over 20 years of expertise in SAP security and is a regular presenter at SAP industry tradeshows and ASUG events. His experience includes working for one of the Big Four accounting firms and developing auditing tools, including those for segregation of duties (SOD). Scott is also responsible for architecting the ControlPanelGRC® solution which provides audit automation and acceleration of security and control processes.
Source
https://symmetrycorp.com/blog/cyber-security-threats-detection-takes-long/