Another week, another series of headlines in the cyberverse. If you are experiencing deja vu this week, you’re not the only one. It was a week of repeats: Fancy Bear at it again, Russia and China target a western nation, digitally, and Yahoo hacked (again, again).
Here’s the cyber week in review.
Fancy Bear Dancing
If you’ve been following this feed, Fancy Bear has made headlines before: that’s the entity accused of hacking the Democratic National Conference and leaking data that was damaging to the Democratic Party prior to the US presidential election. Recently, the same group has been targeting sites in the UK.
So what’s the big deal about interfering in foreign elections? After all, the United States has been doing that for years. Probably since the days of ancient Greece, or whenever there first really were elections, others have attempted to interfere.
Also, it’s not unusual for data to get leaked, particularly about a profile figure like a presidential candidate. Those on the campaign trail are infinitely familiar with “playing dirty” and anything from their past that the opposition can dredge out, they will.
What is unusual is the level playing field of the digital age. Now, it doesn’t take a team of spies like the CIA to uncover oppositional data and you don’t need allies in the press to release the data you leak: remote hacking and internet leaks will do the job.
In this level playing field, of course, we haven’t seen the end of teams like Fancy Bear.
While U.S. federal agencies and several other teams have claimed the Russian government sponsors Fancy Bear, Vladimir Putin and team have denied the claim.
For now, we do not know, but Britain and other western nations will be buttoning down the hatches for some time.
Britain Feels the Pain
Britain has been hit dozens of times per month in recent months on government departments and key members of the public, with China and Russia the two main likely culprits.
Many of the threats have the potential impact on everyday life, including:
- Malware that affects business operations and reputations.
- DDoS attacks that slow or stop infrastructure, including internet services but also the IoT (internet of things) like digital homes, electronic components of cars, and other digital devices.
- Slowing or stopping of federal services when sites are compromised.
- Theft of personal information of high-profile figures with the intention to interfere in state functions.
- Theft of personal information of private citizens to be used for other nefarious purposes, including credit card or identity theft.
With even more potential threats attempted, as many as 200 per day, Britain is scrambling, like their neighbor to the west, the United States, to beef up security programs. Nations with large-scale state-sponsored hacking teams, like reportedly a part of the North Korean, Chinese, and Russian governments, reveal a level of organization that Britain has not yet matched.
To keep up, Britain will need to inspire education for a new kind of army: a hacking army.
In the midst of World War nations developed espionage units that would become the beginning of secret services like MI-6 and the CIA. The digital age has presented another sort of world war, one that will not be able to rely on the same level of tech savvy of espionage of the past. With the right infrastructure or effective collaboration between state and private parties, Britain’s hacking team could reach the next level.
Oops! Yahoo Did it Again
Yahoo has been making headlines for all the wrong reasons, such as for the largest hack of 2016. Now, Yahoo is in the unfortunate position of notifying customers of a breach, again, and this time it is a double-whammy.
Hit One: Having to tell customers that your network has been breached again can do serious reputation damage. Now Yahoo is telling customers that cookies may have been stolen and forged. Yahoo invalidated the forged cookies so that they cannot be used again, but there’s no telling how many customers were affected by the breach. Time to change those passwords, again.
Hit Two: That deal with Verizon took a big hit, to the tune of $250 million less in offered purchase price. Reputation damage comes with a hefty price tag at that scale, and brand reputation is what a large company is built upon. No news yet on whether or not the deal will still go forward.
Cyber intelligence and reputation control have never been so important. The “leveling of the playing field” in the digital age can translate into attacks on a scale most businesses (not to mention most governments!) are ill-equipped to keep up with. Stay on the cutting edge of the cyber world to cover your backside.
See you next week for more top cyber stories.