In reaction to a data breach of four million current and former federal employees, a security expert said the incident is proof that traditional methods are not providing secured, privileged administrator access.
A DHA statement blamed Chinese hackers for the cyber break-in of U.S. government personnel office computer networks, in which identifying information belonging to the Office of Personnel Management and the Interior Department was stolen.
A statement from the OPM read, “Since the intrusion, OPM has instituted additional network security precautions, including: Restricting remote access for network administrators and restricting network administration functions remotely.”
Matt Dircks, CEO of Bomgar, a remote IT access and privileged access management provider for enterprises and government, said, “This is yet another proof point that traditional remote access methods aren't providing the traceability and controls needed to ensure privileged administrator access is secure.”
Bomgar serves 12 of the 15 Departments of the U.S. Federal Executive Branch and 11 of 21 U.S. National Laboratories.
Dircks believes VPNs are attractive targets for hackers because they carry sensitive information over insecure networks and often provide full access into an internal network. Compromising that VPN remote access method means the hacker also has full access to the internal network.
“When an organization's only response to control access is by significantly restricting it, it negatively impacts productivity and operations,” Dircks said. “In this new paradigm, security teams need to be proactively controlling and monitoring access to critical systems from internal and external privileged users.”
This includes managing which sensitive systems they have access to and when, receiving real-time access notifications, monitoring activity, and capturing an unalterable audit trail and recordings of activity for later forensic use.
Dircks stated that while the exact intentions of this hack are not known, the Office of Personnel Management breach is likely the work of the same group and the nation-state responsible for the breaches at Anthem and Primera.
“Clearly, with sensitive information such as names, Social Security numbers, and other personal identifying information from federal employees in play, their usage in social engineering schemes or blackmail is quite obvious,” he said. “These state-sponsored hacking groups are so nefariously clever and well-funded, what really worries me is the not so immediately obvious outcomes these cybercriminals hope to achieve.”
In July 2014, U.S. Treasury Secretary Jacob J. Lew urged financial institutions and firms to take critical steps to better protect consumers and strengthen the nation's defenses against cybersecurity thefts, disruptions and attacks. Specifically, he called on the U.S. financial sector to improve cybersecurity by using the administration's new cybersecurity framework for their systems and as a way to evaluate outside vendors.
Secretary Lew called on financial firms to implement the NIST Framework for Improving Critical Infrastructure Cybersecurity. This framework, released in February 2014, provides a blueprint to evaluate, maintain and improve the resiliency of their computer systems.
“The consequences of cyber incidents are serious,” Lew said in his remarks. “When credit card data is stolen, it disturbs lives and damages consumer confidence. Successful attacks on our financial system would compromise market confidence, jeopardize the integrity of data and pose a threat to financial stability.”
Whether the OPM-hacked systems used a NIST framework has not yet been revealed.
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
- Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Roy Urrico
Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).
