In a recent article by the LATimes it
references foreign countries creating large databases of American military and government
workers for use to blackmail, recruit and craft dedicated spear phishing campaigns
towards U.S officers and officials.
This is a concern, because with every hack (Anthem, OPM and
even Ashley Madison) nation state attackers are able to garner and piece together
the growing puzzle that is the American government user base. These are also
only the hacks we now about and I’m sure there’s a ton that have gone
without notice, so with every new hack nation states are dropping down another
piece of the puzzle. Many times they don’t even have to perform the hack, they
just need to take the data from others that have posted their work on the dark webs (E.G Ashley Madison database
on the dark web with .mil or .gov email addresses) as a gift towards their big
data initiatives. With each new breach we’re giving away personal information
that these nation states are using as evil marketers to learn more about their
targets, which in this case is our government. This is interesting, because the
government can attempt to perform as much security awareness on their
employees, invest millions of dollars on technical security infrastructure all
to be shot to hell by private sector hacks giving away information about
government workers. This is by far the weakest link and the attackers have
noticed it. There’s blood in the water and the sharks are circling.
The other problems with these attacks is that they doesn’t
exclude others from being caught in their net and the intended targets, along with innocent user bystanders, are caught in the crossfire. With the Anthem breach (where
the data hasn’t been seen for sale on the black market, so it’s most likely being
used by a nation state) EVERY users data was scoped
up for the entire company, whereas the intended targets were supposedly only government officials/officers.
This is putting American citizens privacy in the middle of an international
data war. We’re all becoming collateral damage, or throw away data, that’s most
likely sold or reused later if needed, but still not the intended targets of
the breach. It’s as if the American public was hit by a drive-by shooting and
is just another victim of pointless violence. We’re all sufferers of nation state
attacks, not just the intended targets.
"Clowns to left of me, jokers to the right, Here I am, stuck in the middle with you" ~ Stealers Wheel
No comments:
Post a Comment