Skip to main content

Equifax breach shows signs of a possible state-sponsored hack

© Provided by Engadget Ever since word of the Equifax hack got out, there's been one lingering question: was it a state-sponsored attack, or just criminals who took advantage of a security hole? At the moment, it looks like it might be the former. Bloomberg sources have shed light on the ongoing investigations into the breach, and they claim there are signs of a government's involvement. The initial group of hackers weren't particularly experienced, according to the tipsters, but they handed things over to a more "sophisticated" team. There are even hints that this might be the work of Chinese intelligence agents, although it's not yet clear who's responsible.

The insiders say that "many" of the tools used in the hack were Chinese in origin, and that there are similarities to China-backed breaches targeting the health insurance firm Anthem and the US government's Office of Personnel Management. Also, none of the stolen data has surfaced online -- whoever took it wasn't in a rush to profit. This was a "'get as much data as you can on every American' play," one of Bloomberg's contacts said.

However, sources aware of federal investigations say only that there's evidence of a state-sponsored attack, not that it points to any one country. Equifax's security consulting partner, Mandiant, wrote as recently as September 19th that it couldn't identify the culprits or where they came from.

As it is, Equifax may have been its own worst enemy in the early days of the breach. The company had hired Mandiant to look into earlier security issues, but there was a he-said-she-said fight over Equifax's security in the weeks surrounding the hack. Equifax reportedly thought Mandiant had sent rookies to look into the vulnerabilities of its systems, while Mandiant decried what it saw as unpatched systems and sloppy policies. An Equifax spokesperson told Bloomberg that it has had a "professional, highly valuable relationship" with Mandiant and isn't commenting on its ally's investigation, but the scoop suggests that the squabble may have hurt the chances of a timely fix for the flaw that compromised 143 million Americans.

Whatever contributed to the incident, there are significant ramifications if there's a foreign power involved. If it's China, it'd be a huge violation of the US-China agreement that was supposed to put an end to hacking campaigns. Many didn't expect either side to fully honor the pact, but this would be an overt violation. And if it's another known country with state-sponsored hacking, like North Korea or Russia? That wouldn't be any better, as it would exacerbate already high tensions. No matter who's behind this, things could get very thorny very quickly.

Bloomberg

Popular posts from this blog

Tech 2017: Biggest fails, scandals and embarrassments

© Provided by IBT US This year brought many tech innovations and products, like the iPhone X, virtual reality headsets and augmented reality on apps. However, the tech industry also saw failures this year. Like all businesses, not all products or ideas succeed. The tech industry saw some of its gadgets fail to take off. Besides product failures, the sector was also plagued by scandals and congressional testimonies. Here are the tech industry’s 2017’s top product flops and scandals: Amazon Key In late October, Amazon announced a new delivery method for Prime members which allows drivers to set packages inside customers’ home . The delivery system works with the Amazon Key In-Home Kit that is set up for $249.99. With the kit, users can select the “in home” option on the app and get their items delivered inside their homes. Prime members can receive alerts and can see the delivery happen in real-time through the app. While the service was pitched to people who are too busy to s...

Cimatu warns miners: Don’t befoul watersheds, forests, aquatic resources

© Provided by Mediamerge Corporation Newly-appointed Environment and Natural Resources Secretary Roy Cimatu poses for a photo before being sworn into office by President Rodrigo Duterte ahead of the 15th Cabinet meeting in Malacañang on Monday, May 7, 2017. Robinson Niñal/PPD Environment Secretary Roy Cimatu on Tuesday warned mining firms to observe responsible mining and avoid destructive practices or face sanctions His pronouncement came in response to President Rodrigo Duterte's second State of the Nation Address, in which the chief executive emphasized mining's impact on the environment. "I know for a fact that in a number of cases, weak and irresponsible mining practices result [in] environmental destruction—contaminating farmlands and poisoning our rivers and seas," Cimatu said in a statement. "Miners better refrain from despoiling our watersheds, forests and aquatic resources," he added. Cimatu said the Department of Environment and Natural Res...

Tesla cloud account hacked to mine cryptocurrency

© Provided by The Hill An unidentified outside hacker infiltrated Tesla's Amazon cloud account and used its systems to quietly mine for cryptocurrencies, a cybersecurity firm announced Tuesday. The hack also potentially exposed the electric car company's data. Researchers for RedLock found that Tesla's credentials on an IT administrative console were not password protected. They made the discovery while trying to track down which organizations had left their Amazon Web Services (AWS) credentials openly exposed on the internet last month. The hackers quietly hijacked the console and began running scripts to generate virtual currency like bitcoin, the latest in a series of "cryptojacking" attacks. The researchers also found the hackers used "sophisticated evasion measures" to go undetected. A spokesperson for Tesla said the company learned about the breach in a company-sanctioned bug bounty program that pays outside hackers to discover vulnerabilitie...