Attack by “Anonymous” of Federal Reserve provides key lesson in data protection
Businesses, both large and small, need to sit up and take notice: none other than the Federal Reserve system of the United States has admitted that its networks have been breached. The incident has led experts to emphasize the essential nature of best practices when it comes to computer safety. Among the strongest recommendations to emerge from the breach has been the necessity of establishing strong encryption for passwords and other login information.
The breach itself occurred on February 3, 2013, when Anonymous, a “hacktivist” group, succeeded in entering computer systems in contact with those at the Federal Reserve. The group managed to harvest more than 4,000 sets of credentials before the attack ended; these included user names and passwords as well as personally identifying information including cell phone numbers for some of the accounts.
According to hardware security expert Edy Almer, one of the lessons unveiled by the attack is that data including login credentials should simply not be stored in databases that are accessible via the World Wide Web. A better procedure is to house user names and passwords on hardware that is not kept online. Authentication at the machine level can then be used to access the information on an as-needed basis. This protocol would make it much more difficult for cybercriminals, hackers, and “hactivists” alike to obtain sensitive information.
Experts in the cybersecurity field have already noted that the business environment in the United States is responsive to the need for better online security. A challenge that has emerged, however, is the level of redundancy when it comes to storing authorizations and credentials. Such information is typically scattered across several different systems, and the level and types of data protection in place on each system can differ markedly. Even SMBs may face these kinds of challenges as they try to improve their computer and data security practices.
Encryption of sensitive data remains a pressing need for SMBs as well as their larger counterparts.
Take our Free 27 Point Network System Audit
Now is the time to take action and have a true data security expert anaylyze your network integrity and security. Great Lakes Computer offers a free 27 point system audit so you can be prepared and know where your network security stands.