Business cybersecurity — or the lack thereof — continued to make headlines in the past few weeks as more U.S. private-sector firms consider counteroffensive tactics against attackers. Also in cybersecurity news, North Korea slammed new U.S. sanctions in response to the Sony hack, and a new report found that last year’s massive JPMorgan Chase data breach was the result of a basic security flaw.
After Sony breach, more firms consider hacking back
A growing number of private-sector companies — including some large U.S. banks — have been targeted by hackers in recent months and are frustrated with a perceived lack of follow-up from the federal government. These companies have started looking to outside options to strike back at their attackers, some security specialists and former law enforcement officials told Bloomberg.
These anxieties have only intensified after the breach of Sony Pictures’ network, according to the article. Some of these businesses have employed cybersecurity firms to advise them on various counteroffensive tactics, including disrupting hacker operations and peering into foreign-based networks to find out what data was stolen.
“Hacking back” efforts gained a higher profile after President Obama’s promise to mount a response against North Korea for the Sony data breach, but many companies don’t actually follow through with such measures, said some of the cybersecurity professionals. These experts and the FBI also discourage companies from retaliating because it might entice hackers still lurking in their networks to ramp up their attacks.
North Korea blasts U.S. sanctions; FBI stands behind its Sony breach assessment
North Korea has publicly criticized new sanctions authorized by President Obama last week, calling them “hostile” and “repressive.” The U.S. sanctions were imposed against three North Korean organizations and 10 government officials, and enacted in response to the Sony Pictures breach.
North Korea’s foreign ministry continues to deny responsibility for the cyberattack. The U.S. government has not offered any public evidence linking North Korea to the Sony breach, which has left many in the cybersecurity community unconvinced that the nation-state was responsible. Many cyberintelligence firms investigating the attack said they have not observed concrete evidence that confirms that North Korea backed the breach.
Security experts’ skepticism has only intensified after the FBI attended a three-hour briefing by a security firm whose research indicates the perpetrator was laid-off Sony staff. After the meeting, the FBI was steadfast in its assertion that North Korea was behind the attack, and officials stated there was “no credible information” to suggest otherwise. One U.S. official told Politico that the discrepancy could be due to the FBI having access to intelligence sources that others don’t.
JPMorgan hack could have been quelled with simple security fix
Last year’s breach at JPMorgan Chase, the largest cyberintrusion on a U.S. bank reported thus far, could have been prevented by updating one of the bank’s servers to include two-factor authentication, according to a report by The New York Times. JPMorgan spends $250 million on computer security annually to prevent sophisticated cyberattacks, but the security hole overlooked by the bank’s security team was a very basic one, people who have been briefed on the investigation into the attack explained to the Times.
Most large financial firms use two-factor authentication, and sources said the oversight is seen as an embarrassment inside JPMorgan as the company conducts an internal review to see if there are other weak spots in its large network.
Security experts say that one reason the vulnerability in JPMorgan’s network has gone so long without being addressed is because the bank’s size made it difficult to secure its information, especially as it acquires more companies and incorporates new networks.