Cyber Report: 2015 Was the Year of Collateral Damage

CYBERSECURITY

Cyber Report: 2015 Was the Year of Collateral Damage

4/1/2016
By Yasmin Tadjdeh

With the Office of Personnel Management hack and other intrusions affecting tens of millions of people last year, a recent cybersecurity report dubbed 2015 the “year of collateral damage.”

The annual cyber risk report — which was produced by Hewlett Packard Enterprise and released in February — said breaches affected citizens who never dreamed they would be involved in such an intrusion.

“Folks are seeing that not only do these hacks result in perhaps the theft of your personal data, your identity data, but … [hackers] can do an awful lot of very bad things with it,” said Denby Starling, HPE’s vice president and account executive for Navy and Marine programs. “They can not only steal your money, they not only can impersonate you online, but they in some cases can embarrass you publicly.”

The report found that while organizations such as Microsoft and Adobe released more patches than ever before, that was not enough to stymie some viruses.

“The most exploited bug from 2014 happened to be the most exploited bug in 2015 as well — and it’s now over five years old,” the report said, referring to a virus known as CVE-2010-2568. “While vendors continue to produce security remediations, it does little good if they are not installed by the end user.”

The necessity for users to download patches isn’t new, but it still isn’t being done, Denby said.

Hewlett Packard Enterprise — which runs the Navy and Marine Corps’ Intranet — puts a premium on improving the services’ networks with a variety of updates, he said.

Users, in general, sometimes resist installing necessary security patches because they are afraid that the software upgrade will break existing applications, the report found. It called on industry to build more trust with users to “to help restore faith in automatic updates.”

Microsoft Windows was overwhelmingly the top platform for malware with 94 percent of such software targeting the platform. Android systems accounted for 3 percent, the report said.

As the report looked toward 2016, it said there would be a focus on metadata, the Internet of Things, encryption and security.

Photo: iStock

Topics: Cyber, Cybersecurity

Comments (0)

Name *

Email *

Comment *

Please enter the text displayed in the image.

Characters *

Legal Notice *

NDIA is not responsible for screening, policing, editing, or monitoring your or another user's postings and encourages all of its users to use reasonable discretion and caution in evaluating or reviewing any posting. Moreover, and except as provided below with respect to NDIA's right and ability to delete or remove a posting (or any part thereof), NDIA does not endorse, oppose, or edit any opinion or information provided by you or another user and does not make any representation with respect to, nor does it endorse the accuracy, completeness, timeliness, or reliability of any advice, opinion, statement, or other material displayed, uploaded, or distributed by you or any other user. Nevertheless, NDIA reserves the right to delete or take other action with respect to postings (or parts thereof) that NDIA believes in good faith violate this Legal Notice and/or are potentially harmful or unlawful. If you violate this Legal Notice, NDIA may, in its sole discretion, delete the unacceptable content from your posting, remove or delete the posting in its entirety, issue you a warning, and/or terminate your use of the NDIA site. Moreover, it is a policy of NDIA to take appropriate actions under the Digital Millennium Copyright Act and other applicable intellectual property laws. If you become aware of postings that violate these rules regarding acceptable behavior or content, you may contact NDIA at 703.522.1820.

I have read the legal notice.

Find an Article VIEW ALL ARTICLES