Have State-Sponsored Hackers Infiltrated Your Network?

U.S. officials—with the help of a few reporters—revealed earlier this month that Chinese hackers had broken into U.S. government servers and run off with the records of 4 million federal workers. This incident was not the first data breach blamed on China and it surely won’t be the last. Far from it. In fact, the targeted U.S. agency, the Office of Personnel Management, had suffered a breach at the hands of Chinese hackers less than 12 months before the latest breach.

State-sponsored hackers today don’t just seek military or political information, but also business secrets in order to conduct economic cyber-espionage. They steal intellectual property and business plans and provide them to Chinese state-run businesses to outwit their foreign competitors.

Chinese hackers are also allegedly amassing a giant database of U.S. government workers as well as rank-and-file citizens. Consultants brought in to investigate the Anthem data breach, which exposed 80 million customer records, believe that China was behind the breach or at least linked to it. In addition to Anthem, Chinese attackers stole the personal data of 4.5 million users of Community Health Systems.

Researchers speculate that China may simply be gathering data for intelligence purposes or using the data to help streamline their spear phishing and Advanced Persistent Threat (APT) efforts. Regardless of their motives, the Chinese government is not alone. State-sponsored attacks from Russia, North Korea, and other countries have also resulted in costly, large-scale breaches.

U.S. Government Response: Batten Down the Hatches to Prevent Future Attacks

U.S. officials have taken note of the threat posed by cyberattacks. The FBI regularly issues industry alerts, such as a private notice distributed to healthcare providers warning them that “The healthcare industry is not as resilient to cyber intrusions compared to the financial and retail sectors, therefore the possibility of increased cyber intrusions is likely.”[1]

In June, the U.S. government took its response public, announcing a 30-day “cybersecurity sprint,” and instructing federal agencies to beef up their cyber defenses. In a White House blog post, U.S. CIO Tony Scott states that “Technologies and systems of the past cannot keep pace with rapidly evolving and persistent cyber threats.” Federal agencies, according to Scott, must take a number of steps to further protect Federal information.

Specifically, the fact sheet advises federal agencies to:

See Tony Scott’s blog post for detailed descriptions of these requirements. These guidelines will undoubtedly improve security and foil many types of attacks.

How A10 Networks Can Help Keep State-Sponsored Hackers Out of Your Network

State-sponsored hackers are well-resourced and persistent. They have the manpower, the time, and the advanced tools needed to penetrate the most secure networks in the world.

Building up the defenses to stop state-sponsored hackers is not easy. Organizations must bolster both security processes and technologies to identify and stop attacks. Following the guidelines set forth in the 30-day cybersecurity sprint is a good starting point. But many organizations may need to implement additional controls to stop state-sponsored hackers.

Organizations can begin by assessing their IT assets and locating sensitive data. Then they should identify risks and remediate vulnerabilities. They should also deploy security tools like intrusion prevention systems, data loss prevention products, and forensics tools to identify or proactively stop attacks. They should also securely authenticate users—as described in the cybersecurity sprint guidelines—and encrypt sensitive data in transit and at rest.

Here’s how A10 Thunder Application Delivery Controller (ADC) can help:

Organizations need a wide array of technologies to identify and stop state-sponsored attackers. A10 Thunder ADC can solve several of the most challenging security requirements and can do it at scale—without impacting application performance or slowing down users.

[1] From a notice distributed by the FBI to healthcare providers in April 2014, according to Reuters

[2] “Global Internet Phenomena Spotlight,” Sandvine, April 30, 2015

[3] “APT1: Exposing One of China’s Cyber Espionage Units,” Mandiant



June 28, 2015

About Andrew Hickey

Andrew Hickey serves as A10's editorial director. Andrew has two decades of journalism and content strategy experience, covering everything from crime to cloud computing and all things in between.