Yet More Theft of Information Assets

Y
  1. Important Cybercrime Laws
  2. Yet More Theft of Information Assets
  3. Preparation Phase of a Digital Search
  4. Data Hiding and Steganography
  5. Confusion over Terminology
  6. Presenting Digital Evidence
  7. Remote Access Trojans
  8. Malicious Code Detection
  9. What is the Role of Computer Forensics?
  10. Forensics in Business Continuity Planning
  11. An analysis of different data sources used in a forensics investigation
  12. Business Continuity Analysis

It doesn’t seem that long ago that I received an official letter in the mail from the United States Office of Personnel Management (OPM) detailing that sensitive information about me had been compromised. I had been following the news and knew about the breach, so the letter didn’t come as a huge shock. It did make me think about the impact of such a breach, originally reported as affecting 4 million individuals, later estimated to have compromised sensitive information of 21.5 million. Christensen et al (2015). Just this past week I once again learned, along with the majority of the country, that with high probability my identity along with millions of others had been stolen in another data breach. It has since come to light that the cause of the breach was unpatched systems affected by Apache’s open-source Struts software, a vulnerability that should have been mitigated months before the breach took place. Brandom (2017).

While both of these incidents resonate on a personal level, it brings to light the seriousness of data breaches and theft of sensitive data, which remains the number one most damaging computer crime today. This can be especially harmful depending on the type of information. Stealing of passwords is one thing, however loss of social security numbers, fingerprints and other unique identifying qualities that cannot simply be reset is almost unforgivable. Countless others breaches have occurred over the last few years, which not only damage company reputations and harm individuals, they can also bring organizations to their knees in legal damage and harm that they may never recover from. In addition to theft, other methods of holding information hostage in ransomware attacks are becoming more common and damaging to organizations affected. Organizations and individuals must continue to become more vigilant in protecting information assets as these types of crimes continue to threaten and cause harm to many.

References:

  • Brandom, R. (2017). The FTC is looking into the Equifax breach. The Verge. Retrieved from https://www.theverge.com/2017/9/14/16306872/equifax-breach-ftc-probe-lawsuit-vulnerability
  • Finklea, K., Christensen, M. D., Fischer, E. A., Lawrence, S. V., & Theohary, C. A. (2015, July). Cyber Intrusion into US Office of Personnel Management: In Brief. LIBRARY OF CONGRESS WASHINGTON DC CONGRESSIONAL RESEARCH SERVICE.

About the author

Ian Carnaghan

I am a software developer and online educator who likes to keep up with all the latest in technology. I also manage cloud infrastructure, continuous monitoring, DevOps processes, security, and continuous integration and deployment.

About Author

Ian Carnaghan

I am a software developer and online educator who likes to keep up with all the latest in technology. I also manage cloud infrastructure, continuous monitoring, DevOps processes, security, and continuous integration and deployment.

Follow Me