Friday, June 19, 2015

Encryption Would Not Have Prevented OPM Hack

A Wall Street Journal (WSJ) article reviewed what we know about the “unprecedented hacking by China of confidential databases” at the Office of Personnel Management (OPM).

The records of more than four million federal employees, as well as listings of which Chinese citizens are in contact with American officials. And it appears that not just civilian personnel were affected but defense officials and the military community.

"encryption would not have helped in this case because the attackers had valid user credentials."
- Homeland Security Assistant Secretary for Cybersecurity, Dr. Andy Ozment
Unfortunately, encryption would not have prevented the hackers from obtaining data because they had valid credentials of insiders, according to the Department of Homeland Security. Organizations seeking to proactively detect hackers posing as insiders can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Hacking Government Apart - www.WSJ.com, 06/18/2015

No comments:

Popular Posts

Copyright © 2010-2017 by Veriphyr Incorporated, All Rights Reserved.

Contact us at Veriphyr.com.