Reports are emerging of another attack on government computers, this one by a group in China that targeted networks in India and other countries. Among the data the hackers obtained are information on missile systems and relations between governments as well as correspondence from the Dalai Lama’s office.
The researchers who identified and tracked the hackers’ actions point to social media as the main means used to infiltrate the networks. In the report, the researchers list Twitter accounts, Yahoo Mail accounts, Google Groups and Blogspot blogs as among the hackers’ infrastructure. Compounding the problem is that some of these networks used cloud configurations, which the report alleges provide a “powerful mode of infiltrating targets who have become accustomed to clicking on links.”
The researchers are also clear about what is perhaps the most alarming aspect: there is no way to track exactly what the attackers did once on the networks. Not being able to know the state of data at any time is the key to this hack – rather than the security vulnerabilities from the cloud infrastructure or social networking. We have advocated a security defense from the inside out – rather than the commonly accepted firewall-to-database approach.
In this threat environment, governments and others in the public sector will be targets. Quite simply put, the information that they hold is valuable to someone, and the hackers know this. What the report should signal to all groups holding sensitive information is to assume that your network will be infiltrated. What information will be at risk, and how will you know if it is being accessed inappropriately? Knowing the answers could mean the difference between data protection and a devastating hack.