Hacked? Blame China and forget!!

Thanks to the headlines and discussions in the global media and IT security forums in recent weeks, you are unlikely to have missed the news that digital forensic investigation firm Mandiant has accused People’s Liberation Army (PLA) Unit 61398, a Chinese military cyber operations group, of launching persistent threat attacks against many businesses and government organizations since 2006.

The panic button, pointing at Chinese hackers, has been pressed. Well, what next?

“If you know that the People’s Liberation Army is spying on you, do you change your defenses? How? Do you look for Chinese language intrusion prevention tools?” said Alan Paller, director of research for SANS, in a recent newsletter.

Take the Department of Revenue of South Carolina, which stored 3.3 million bank account numbers, as well as 3.8 million tax returns containing Social Security numbers for 1.9 million children and other dependents, in an unencrypted format. When the infamous data breach was detected, the blame was put on unnamed Russian hackers. The state has now urged anyone who has filed a tax return in South Carolina since 1998 to contact law enforcement officials. Why did South Carolina authorities not learn anything from the Utah and Texas breaches?

Very recently, we were all flooded with reports that tech giants Apple, Facebook, Twitter and Microsoft had all been compromised by attackers who gained access to a third-party iOS development website, then used it to infect visitors’ Mac OS X systems through drive-by malware attacks that exploited a zero-day vulnerability in Java. These companies are responding cautiously to the attacks and still claim to be maintaining the best standards of security.

Seriously speaking, does it matter who attacked them?

Across the globe, IT has become highly critical for the survival of businesses. The important issue is whether you have an effective and up-to-date information security policy and practices document. Do you have, and follow, robust information security practices? Can your network be owned by anyone: a hacker, an ex-employee, a corporate-espionage inside agent, cross-border agencies? Is your data safe, with strong need-to-access practices and logs that are reviewed meaningfully?

In essence, the question is a simple and straightforward one: are you able to protect your business in a cost-effective way? Or, even simpler: do you have an IT governance framework?