McAfee, the computer security company, has issued a fresh warning to the world’s corporations and other large organizations. The firm has warned that hackers now have these bodies fully in their sights, and that a combination of the de-centralization of the workplace (thanks to to proliferation of mobile devices and the like) and the move to the cloud means in-house security technicians have their work cut out for them. And since there’s a market out there for stolen corporate secrets, you can bet that the bad guys aren’t going to stop anytime soon.
There’s a few things at play here. The first is probably that, now more than perhaps in the past, says McAfee, there’s very much a market for stolen corporate secrets. A bit of source code here, some revenue projections there, tie it in a bow, and hand it off to someone who could use that information. What did Bernie Ecclestone say, that money and sex makes the world go ‘round? (I don’t know, I’m reading this book and it was mentioned.) Offer enough money and you’ll find someone willing to break into this or that server, no questions asked.
And it’s perhaps easier to get this information. Back in the day, a corporation’s private data might be stored in a server under lock and key, and you’d need physical access to get at it. That’s not so much the case anymore. People work from home, and they sometimes need access to this or that file. That means you have to create some sort of remote-access system, a system that could be compromised all the more easily. (How many of you use one of those RSA keyfobs to log into your job’s server? Think along those lines. Oh, almost forgot: RSA was partially compromised a few days ago. Fun for everyone!)
Then there’s also the fact that seemingly all of us are carrying around mobile devices. How many of you have sensitive information about your clients (or whatever the case may be) on your smartphone or tablet? What if you lose said smartphone or tablet? That could be trouble. Ten, 15 years ago your company’s network security staff didn’t have to worry about you leaving your iPhone at a bar, did they?
There’s also the transition to the cloud to examine. Corporations are readily storing their own information somewhere else! Now you don’t even have the physical access to your own sensitive data—could be problematic.
McAfee says this has become a pointed problem in countries like Brazil and Germany, and that it’s particularly troubling because you might not even know if your data has been stolen. A quick cp here and there and you’re boned.
What to do? First, panic. Second, learn how to use your equipment. At the very least put a password on your mobile device in the hope that the bad guys will see it as not worth the energy to try to crack; plenty of other unsecured devices out there. Third, make sure you know who you’re dealing with. If you’re storing data on a third-party sever make sure you understand what their security polices are, and what they’ll do in case of an attack.
Other than that? Yeah, panic. Just panic, everyone.