The laws of nature that ensure survival also apply to data protection.
Our World is Changing
“Traditional” Forms of Cyberattack
Up through the early 2000’s, this was a group you could almost root for. Everything from whiz kids with computers to groups exposing human abuse and corporate misdoings.
Traditional data theft has cost millions to businesses and consumers alike. Sensitive data was accessed and sold for identity theft, fraud and intellectual property theft. The original data was left in place and still accessible by the rightful corporate owner.
Historically not targeting private individuals or corporations, nation-states have long used computers for espionage, and in some cases, intellectual property theft.
“New” Forms of Cyberattack
The New Hacktivist
No longer a joke or misguided “public service,” hacktivism has become a tool of groups like Anonymous and rogue political actors such as ISIS.
- Anonymous uses Internet Relay Chat or Twitter to coordinate thousands of users – sometimes internationally – and maximize the efficacy of attacks.
- ISIS hacked into a military support group posting direct threats to military spouses.
- ISIS hackers were also attributed with bringing down the US Military Command Center website and Malaysia Airlines website.
Rather than accessing data with little notice and then reselling it on the black market, criminal syndicates are now “ransoming” data for direct payment from organizations.
- Malware has been created that freezes access to every file, including photos, documents, and programs with a secret pass key known only to the hacker.
- Hackers have now organized into crime syndicates that boldly launch massive attacks against entire companies.
- CryptoLocker is the first mainstream attack where security companies don’t have a method for decrypting the virus… There is virtually no cure.
Nation-State / Sony
It’s feared that this unprecedented attack by a foreign nation against a specific corporation is the harbinger of future cyber warfare.
- Irreplaceable data was destroyed, executives and employees humiliated and routine daily business brought to a halt for weeks.
- As noted in the Financial Times and other publications, large quantities of Sony’s data were systematically destroyed.
- For weeks after the attack, due to fear of additional attacks and digital violations, Sony’s internal use of email, online services, computer hardware and software was out of the question.
“”World War III will be fought online…”
Fred Moore, Industry Analyst, Horison Information Strategies
“Forms of attack we didn’t think possible…
- IT infrastructure can be destroyed by short, sharp pulses high in voltage but low in energy—output that can now be generated by a machine the size of a suitcase… batteries included.
- “With the proliferation of cloud computing, more data is being placed in fewer baskets, and that reliance on failover sites has reduced physical security” – George Baker, CEO of BAYCOR , Data Center World Conference, 2014.
Intentional Electromagnetic Interference
- Most electronic equipment can survive a pulse of 10 Volts per meter.
- An EMP creates a pulse of >10,000 V/m.
- Not a virus, not a theft, not a hijacking… pure destruction.
Malware infecting hard disk firmware
- Recently discovered: Malware embedded deep within hard drives made by top hard disk manufacturers.
- Until recently, it wasn’t even thought possible to hack the source code of disk drive firmware and embed lines of malware.
- It means you could wipe the entire drive, reinstall your computer’s software from scratch – and still be infected.
Genetic Diversity’s Role in Data Protection
Our digital world is growing at an astounding rate. The ongoing collection, analysis and dissemination of vast amounts of data is enriching society’s collective knowledge and understanding – its genome – in unprecedented ways. Yet, in this gold information age, no person or organization is immune from devastating irreparable data loss, whether by natural disaster, cyberattacks or simple human error.