Why Hacks Like Equifax Will Keep Happening

CNN/Stylemagazine.com Newswire | 9/29/2017, 8:58 a.m.
If it feels like 2017 is a banner year for cyberattacks, that's because it is. And the hits will keep ...
Equifax says a giant cybersecurity breach compromised the personal information of as many as 143 million Americans, almost half the country.

Selena Larson

(CNN Money) -- If it feels like 2017 is a banner year for cyberattacks, that's because it is. And the hits will keep coming.

"We're living in the beginning of an era of mass targeted attacks," said Nate Fick, CEO of security firm Endgame. "Things are bad and they're going to get worse."

In just the last month, we've learned of a data breach from credit agency Equifax affecting 143 million people, an intrusion into the SEC, and a hack at major accounting firm Deloitte.

Almost 2 billion records were lost or stolen globally in the first half of 2017, according to security firm Gemalto, an increase of 164% over the previous six months.

The spike in global cyberattacks is the result of a perfect storm. Some tools used by government hackers have become public, such as when the NSA hacking tools leaked online. And it's easier than ever for hackers to make sophisticated tools to spread malware, ransomware, or steal data from companies. Firms also frequently fail to patch holes in their systems, at least in a timely manner.

"It's increasingly easy for essentially anybody to wield the kind of capability that used to be reserved for nation-states, or required nation-state level of expertise and investment," Fick said.

Attacks by nation-states are undertaken by hackers working for a government, rather than a criminal enterprise.

No one has attributed the Equifax hack to anyone, yet. But law enforcement has blamed nation-states for other high-profile cyberattacks such as WannaCry. In that case earlier this year, intelligence agencies linked the massive ransomware attack to North Korea. It infected about 300,000 computers in 150 countries.

According to Andrea Little Limbago, Chief Social Scientist at Endgame, cyberattacks will continue as geopolitical tensions escalate.

In the past, nation-state hacks didn't have widespread collateral damage. In 2010, the Stuxnet worm damaged Iran's nuclear program, but Limbago said it was mostly contained.

Fast forward to 2017: The sophisticated NotPetya cyberattack, which Ukraine blamed on Russia, targeted Ukrainian tax software in June, but infected companies around the globe. FedEx said the attack cost the company $300 million.

Sophisticated attacks are a threat, but the biggest hacks can be the result of known vulnerabilities that don't get fixed in time.

Hackers infiltrated Equifax through a flaw in a tool called Apache Struts, which is used to build web applications. The flaw was identified and disclosed in March, but Equifax's machines were not all updated and protected even months later, allowing the hackers entry.

According to Kelly Shortridge, product manager at Security Scorecard, many companies don't maintain basic security hygiene to prevent cyberattacks. That includes regularly updating and patching computers, implementing mandatory two-factor authentication, and training employees to recognize phishing attempts.

"Unfortunately you can't just put a security box on the network and everything will be solved," she said. "You have to be rigorous in monitoring, and rigorously prioritize how you protect your assets."

Keeping computers up-to-date costs time, money, and expertise -- sometimes patching a server means taking it offline, potentially affecting customers or business operations. Skipping a patch over financial concerns could lead to a more expensive data breach in the future.