It wouldn’t take much time to scour the Web for reports of companies proclaiming security as top priority, but talk is cheap — and this applies to you, too, Uncle Sam! On June 4 we got the message loud and clear that any entity is vulnerable to attack.
In what can be referred to as a massive data breach, the Washington Post reported the personal records of nearly four million current or former government employees may have been compromised from the Office of Personnel Management (OPM). The Post reports the attack initially occurred in December, was discovered in April and it isn’t until now the government has spoken on the topic.
OPM Chief Information Officer Donna Seymour told the Post, “Certainly, OPM is a high value target … We have a lot of information about people, and that is something that our adversaries want.”
While being aware of this is phenomenal, providing protection for this “high value target” would be nice. OPM’s Director Katherine Archuleta noted in a statement that protecting this data is “of the highest priority at OPM,” but actions speak much louder than words.
Currently, the FBI is undertaking an investigation to get to the bottom of this but early suspicions have put the onus for the attack on Chinese hackers.
The Wall Street Journal talked to an FBI spokesman who noted, “We take all potential threats to public and private sector systems seriously, and will continue to investigate and hold accountable those who pose a threat in cyberspace.”
The same Wall Street Journal report noted a government official referring to the attack as “one of the largest thefts of government data ever seen.”
While many are quick to gather an angry mob and hunt down the guilty party (-ies), the details must be allowed to come to the fore. And, what we are finding today is many firms that are claiming security as a priority are, figuratively, left with egg on their faces. For the Internet of Things (IoT), the Enterprise and the federal government, the time for games is over, and the time for action is now. Attacks in the future will only become more complex, elaborate and capable of irreparable harm.
I have to chuckle a bit to myself because this month just so happens to be National Internet Safety Month. Remember to change your passwords!