We’ve already warned readers that this year will be one for the record books when it comes to cybersecurity and sadly our prediction was spot on.
Since our prediction, we’ve had an insider threat in Baltimore, learned half of companies aren’t aware of their IoT breaches, the government shutdown in the U.S. might increase spear phishing attacks, the education market is seeing cybersecurity threats skyrocket, China is attacking the U.S., our home state of Connecticut had a major breach, DHS says the U.S. is not prepared for current cyber attacks, hackers are threatening users with child porn, industrial systems are being hacked and so on.
More recently, the former Homeland Security Secretary Janet Napolitano said, “I think one key gap was our inability to have formulated national cybersecurity standards that were mandatory, not voluntary.” She advocates for some sort of international understanding or global treaty on cybersecurity.
This is especially important because new threats are emerging.
For example, the Luhansk People’s Republic, a region that has claimed independence from Ukraine with the backing of Russia’s military, isn’t recognized by the United States, the European Union or NATO. But it has a hacking army and it’s targeting the Ukrainian government and military via phishing attacks and other means. “This is probably the most extreme case to date of an ultra-small group targeting a national government with a sophisticated hacking operation,” John Hultquist, FireEye's director of intelligence analysis said.
Many suspect this could usher in a new era of small nations or nonstate actors developing sophisticated hacking operations. This could mean a big headache for the United States and other global powers, which will have to defend themselves against a new slate of digital adversaries.
Willie Sutton is credited for the statement in response to a question about why he robbed bankc, “Because that’s where the money is.” This is exactly why western companies are targets – all of them. Because relatively speaking, that’s where the money is and hackers typically know the English language making hacking easier than hitting an organization in Japan.