- While the attack on SolarWinds software is arguably the most significant state-sponsored hack we’ve seen in years, it’s more than an isolated incident. It is emblematic of a constant reality of the digital era: We’re all likely to get hacked at some point. Our ability to respond determines our ability to operate. Digital security is now a broad governance imperative.
- It takes a company 207 days to identify that a breach has occurred, and another 73 days to contain it.
- A victim’s fundamental questions are, “Who has accessed our data? Which data, when, and why?” In other words, the ability to trace all contact with sensitive data is vital.
- Applied to digital systems, contact tracing could become a powerful security technique.
- The idea is for organizations to be able to share details of how they were attacked and what was targeted—the who, what, and when—as quickly as possible with other organizations.
- This concept could help organizations identify breaches sooner and remediate faster and more effectively. Through sharing, attack techniques could be more thoroughly understood, and with the right reporting mechanism, the resulting threat intelligence could be shared to help more organizations avoid a breach in the first place.
- Data contact tracing could dramatically shrink the “dwell time”—the period between detection of an attack or compromised system and notification to the world.
- The technology exists to contact-trace our data and to automate the real-time extraction of insights.
- Doug Merritt | February 18, 2021
- The ShinyHunters cybercrime operation runs a data exfiltration and sales business that appears to be off to a roaring start again this year, following on the heels of its data breach spree last year.
- Many of last year's biggest hits apparently trace back to one gang: ShinyHunters.
- After nearly 50 data breaches in 2020, the gang has already been blamed this year for data breaches at e-commerce site Bonobos and dating site MeetMindful.
- Last month, ShinyHunters posted stolen Bonobos data to cybercrime forum RaidForums, including account information for nearly 2 million registered users.
- In January, for example, a RaidForums user called "Spiral" posted what they said was the set of data exposed in the September 2020 breach of Australian PDF-creation service Nitro, which the user said had been "dumped by ShinyHunters."
- "ShinyHunters has made a number of posts about being frustrated that people were reselling their data, so they release it for free or dirt cheap," said Zack Allen, director of threat intelligence at ZeroFOX.
- Mathew Schwartz | February 18, 2021