In just one day, the New York Stock Exchange (NYSE), United Airlines and the Wall Street Journal (WSJ) all experienced technical problems that disrupted business. Coincidence? Or cyber attack?
All three organizations quickly stated that these technical problems were glitches, not security breaches. To make this type of determination effectively, however, an organization must assess the situation by reviewing logs, code, network behavior and other factors.
United Airlines grounded its fleet nationwide, tracing the issue to a malfunctioning router, the device that forwards data packets to their destinations.
The NYSE halted trading for more than three hours and determined a software rollout with improperly loaded customer gateways caused its technical glitch.
And the WSJ determined that readers couldn’t access its website because the site was overloaded by people trying to find out what was happening with the NYSE.
While all three of these incidents appear to be coincidences, that’s not always the case.
Last month, the U.S. Office of Personnel Management (OPM) disclosed that 4.2 million records, including three decades of data on current and former federal employees, were compromised by a cyber-attack, allegedly from a Chinese-sponsored group. Information relating to finances, medical records, past drug use, current and former addresses, personal relationships and background on family and friends submitted when applying for security clearance was stolen. Even FBI Director James Comey’s records were compromised. Comey stated, “I'm sure the adversary has information on every place I've ever lived since I was 18. Every foreign travel I've ever taken. All of my family, their addresses.”
How did this happen? The hackers obtained authenticated credentials from a private contractor employee who was granted access to the OPM’s system; these hackers reported that they’d had access to this data for more than a year.
Our government has some of the best cybersecurity talent and tools; yet, it’s compromised time and time again. Similarly, large corporations like Sony and Target also get hacked. Who’s to blame?
According to OPM Director Katherine Archuleta, “If there is anyone to blame, it is the perpetrators who have been executing very well-funded, focused, aggressive efforts to our systems.”
While hackers are responsible for the crimes, there are certainly security measures all organizations, big or small, should have in place, including multi-factor authentication and private data encryption. Multi-factor authentication ensures that even if hackers obtain login credentials, they can’t access a system without a second form of authentication, like a secure-ID token. And even if the hackers find a way around multi-factor authentication, encrypting the data ensures it can’t be used.
I urge small business owners to learn from the mistakes made by large organizations — you’re never too big or too small to become a victim of cybercrime. And if you do experience a technical glitch, don’t write it off as a coincidence. Take the time and proper measures to determine if it’s a cyber-attack. Recognizing and stopping an attack early can minimize the damages.