535 Connecticut Ave. Suite 104
Norwalk, CT 06854
Empire State Building
350 Fifth Avenue, 59th fl.
New York City, NY 10118

Featured Article

August 25, 2017

OPM Hacker Arrested: Biggest Hack Arrest of all Time?

In the history of hacking there have been many types of cyberattacks across just about every industry, from the financial sector to the government space. There have been so many attacks, it’s hard to put a finger on the most devastating incident. We believe, though, the U.S. Office of Personnel Management (OPM) hack of 2015 — where 22.1 million personnel files were stolen — was one of the most important breach of our lifetime.

Now, you may be wondering why this hack was such a big deal. After all, it pales in comparison to some of the larger data breaches we have seen. The Home Depot hack of 2014, for instance, resulted in the theft of 56 million customer records. The JP Morgan Chase hack of that same year resulted in 76 million records. And so on.

The reason why the OPM hack was so problematic boils down to one thing: blackmail. The stolen data included a great deal of information that could potentially be used against our spies, soldiers, sailors and politicians. Just imagine what would happen if the US were to enter into a military engagement of some kind with China over North Korea or the disputed territory in the South China Sea.

The Chinese government could simply reach out to sailors on the ships, submarines, etc. and threaten to release personal information online if they don’t do as China wishes. Or they could threaten to target their loved ones. This information could further be given to North Korea and Iran which could make any military engagements with these countries far more difficult.

Fortunately, there is a silver lining here as justice may now be served in this case.

This week, the FBI arrested a Chinese national named Yu Pingan under the belief that he and unnamed co-conspirators acquired and used rare hacking tools — one of which included a program called Sakula — to break into the OPM.

Of course, this will not undo the damage that has already been done. It’s an important reminder that while justice can be served after a cyberattack, the blowback could last for several years and produce many different unpleasant scenarios.

That being said, it’s worth taking a high-level view of the current threat landscape and considering some of the top threats facing businesses today.

  • DDoS attacks allow hackers to target a site by flooding it with traffic from hacked devices like computers, tablets and connected IoT machines. The reasons for launching these attacks can be for cyberactivism or financial gain. They can be devastating to sites which aren’t prepared by knocking themoffline for hours or days. The matter is considered so urgent that the US Senate even took it up and submitted a bipartisan bill on the matter. According to Kaspersky, DDoS attacks jumped during 2Q17.
  • Ransomware attacks can be the result of random clicks by unaware users or perhaps more targets through phishing or spear phishing where the target is researched in advance and sent something irresistible to click upon.
  • Money transfer attacks occur when company employees are tricked into wiring money to a hacker account through what looks like a legitimate email from their boss or other authorized authority. By hacking mailboxes, malicious users can learn patterns and terms used by an organization and subsequently use these terms against them. Tens or hundreds of millions of dollars are lost by corporations each year through such attacks.
  • National Security Hacks target government agencies. In the Stuxnet case, for instance, Iranian centrifuges spinning uranium were hit – causing them to malfunction and spin wildly out of control.
  • Retail hacks like as the one launched at Target in 2014 take aim at credit cards and are typically used for run of the mill financial crimes. TJ Maxx was one of the first attacks targeting retailers.

Here are some specific, high profile hacks to know:

  • The Panama Papers incident involved the hack of a law firm where its leaders had their personal documents taken. After this hack, the leaders of Spain and Iceland were forced to step down.
  • The Recent CIA hack, of course, was another huge one and arguably as devastating as the above-mentioned OPM hack. In this case, the CIA’s hacking methods were released to the public and many of the tools they use were made available to the public. Now amateur hackers can use the same tools to wreak havoc on private networks and individuals.
  • The DNC and John Podesta hack exposed the fact that the DNC colluded with the media and Hillary Clinton to keep Bernie Sanders from getting the DNC party nomination is obviously a huge hack as well as it was a legitimate case of hacking the US election.
  • The Sony Pictures hack by North Korea was another high profile hack which caused the company a lot of problems and was said to be done in retaliation for the company making a movie that was unflattering to Kim Jung Un.
  • The Iranian hack of critical infrastructure in the US took aim at a dam in Rye, New York. It could have taken lives so it obviously ranks very high on the list as well. It also marks perhaps the single biggest opportunity the US had to actually bring Iranian hackers to justice but instead the US government chose to do nothing.

A new breed of hacktrepeneurs has awoken and they have little to fear and everything to gain by infecting as many companies as possible and extorting money from them. Apex Technology Services stands ready to protect your company regardless of whether it’s located in New York CityWhite Plains, New York; Connecticut; Australia; Europe; or anywhere else. Our full suite of cybersecurity and IT support services is at your disposal, enabling you to spend less time worrying about and more time growing your business.

To ensure your security, consider one of our most popular services — Auditing & Documentationwhich pinpoints vulnerabilities in your infrastructure, process flow and internal security procedures.







Comments powered by Disqus

Related Articles