Posts Authored by S. Courter Shimeall

The need for a cybersecurity plan: Another reminder

We’ve reported on several recent cybersecurity issues confronting businesses, including when hackers took over a California hospital’s network and demanded payment as ransom, the Sony hack, the Home Depot data breach, the Anthem data breach, and the Target data breach, just to name a few. These are constant reminders from just the past year of the cybersecurity dangers lurking. 

The Washington Post provides us with another reminder that these issues aren’t going to die down any time soon. Their article, titled “The hackers that took down Sony Pictures are still on the attack, researchers say,” explains that hacking and data breaches are a constant and continuing issue. Organizations are well advised to have policies and procedures in place to prevent and respond to the present-day cybersecurity landscape. 

The article mentions a few key passages:

  • "[R]esearchers say they've linked the [Sony] a chameleon-like group active since at least 2009 and still on the digital warpath[.]"
  • "A new report from cybersecurity firm Novetta dubs the attackers the "Lazarus Group" – a reference to a biblical figure that comes back from the dead – because it seems to rise up with new identities for different campaigns."
  • "The researchers say they've found evidence of campaigns by the group attacking targets across the government, military, financial, media and entertainment, and critical infrastructure sectors in the United States and several different countries in Asia[.]"
  • "[C]hasing the attacks back to their sources has been difficult because the group has taken steps to hide their path. 'They like to hack innocent servers and then use them as command and control structures,' using the compromised systems to help shield the hackers' true location, said [Juan] Guerrero [a senior security researcher at Kaspersky Lab]."
  • "[T]he researchers say [the Lazarus Group] is a formidable digital opponent. 'We have a very clear group or organization that is extremely well-organized, well-motivated, and has a continued trajectory and interest in a specific type and area or region of attack," said [Andre] Ludwig [a senior technical director at Novetta]."
Data Breach, General News