In the various postings of the Boston Criminal Lawyer Blog, I have pointed out various areas in the criminal justice environs in which we are vulnerable. Often it relates to being unfairly treated in the system when one’s last name becomes “Defendant”. However, I also try to pay heed to instances where the one at risk is the alleged victim of a crime. In most cases, my point is that we, as the general citizenry, are the ones at risk when it comes to the big picture.
We have dealt with all kinds of criminal activities from drunk driving, to sexual assault to murder. And…oh, yes, there is white collar crime as well. Including Cyber-Crime.
Today we turn to a Massachusetts white collar/ cyber-crime issue. One in which, despite law enforcement’s rhetoric, does not seem to be abating.
Today, Boston.com reveals that, despite the various high profile data thefts in the last few years, it appears that “major US companies are as vulnerable as ever to hacker attacks. The response from many of those working in the companies is that they lack the resources necessary to stem this tide. At least, that is what Waltham-based computer security company CounterTackInc. (hereinafter, the “Company”) is reporting.
You see, the Company conducted a survey involving 100 information security executives at companies with revenues greater than $100 million. The survey has revealed that half of those companies have dealt with computer network attacks over the previous year. One third of the executives indicated doubt as to whether their companies could actually prevent future attacks. 84 per cent said that they were vulnerable to “advanced persistent attacks” . These would include “highly aggressive assaults launched by major criminal organizations and foreign governments”.
An example? The 2011 attack¬ on the Bedford data security company RSA Security is cited.
In that matter, the company’s SecurID data protection technology was compromised and lead to follow-up attacks¬ against major American defense contractors who relied on RSA’s network security products.
“This is not some simple kid playing with a computer to cause you some heartburn,” said the Company’s chairman William Fallon. “This is very sophisticated¬ penetration by people who are well trained. They know what they’re doing.” Fallon, a retired four-star admiral who was in charge of the United States military’s Central Command explained further that such advanced and persistent threats are the most dangerous because they are conducted by highly skilled criminals or spies with ample resources and plenty of time.
The targeted entities, as the survey suggests, have admitted that they lack the resources to prevent the success of these attacks.
Want alittle worse news?
Mike Tuchen, chief executive of the Boston data security company Rapid7 LLC, said that if anything, the Company’s survey understates the vulnerability of corporate networks. On the other hand, Tuchen pointed out, the threat of advanced persistent threats could actually be overstated because most companies aren’t likely targets for such intensive hacking. “Targeted attacks are really going against companies that are strategic targets” like major banks, because “that’s where the money is.”, he explained. The same would be true with defense contractors or companies that operate critical infrastructure, like electric utilities. They would be likely targets for attacks from hostile foreign governments, he added.
Attorney Sam’s Take On The Threat Of Our Cyber-Crime Problem
Well, understatements and overstatements aside, it sounds like a pretty serious problem to me.
Of course, I am not a national defense expert. I am a criminal defense expert. So, other than beginning your day on a sour, if not paranoid, note, you may be wondering what this subject could possibly have to do with you on that level.
Assuming, of course, you are not engaged in such computer espionage.
As it turns out, and as I will discuss in more detail tomorrow…..plenty.
We will be getting to how after a few more examples as the week continues.
In the meantime, allow me to announce that the Boston Criminal Lawyer Blog is going back to its daily publication. I will make every effort to post in the morning, but, rest assured, it will be there Monday thru Friday again. You may even notice some other structural changes along the way.
As always, please accept my sincere thanks for reading!
For the original story upon which this blog was based, please go to http://www.boston.com/business/technology/articles/2012/08/13/study_companies_remain_vulnerable_as_ever_to_hackers/