A 28-year-old British man, Lauri Love, has been arrested in Suffolk under the Computer Misuse Act on suspicion of hacking into US military and US Government computer systems. According to US authorities, Love planted ‘back doors’ in the networks of the US Army, Nasa and the Environment Protection Agency, among others, in order to steal highly sensitive data. Love, who is thought to have worked with other hackers, is alleged to have illegally accessed budgets as well as personal information of thousands of individuals, including military personnel.
David Higgins, professional services manager for UK & Ireland at CyberArk, has made the following comments:
“This high-profile hack is another example of the diverse methods that are used by today’s cyber criminals to exploit networks and systems. Security has long revolved around firewalls and other traditional defences, however, hackers have far surpassed the sophistication of these standard defences.
“Once successfully inside a corporate network, criminals are able to access and steal valuable and sensitive information, and as seen in this case, can plant back doors to enable access to these systems at a later date. As such, organisations need to take steps to proactively lock down their network, whilst also altering their mindset to the fact that it’s not a question of ‘if’, but rather, ‘when’ they will be hacked.
“Top of mind for organisations must be the defence of privileged accounts and credentials – a proven sweet spot for attackers. Routine monitoring, managing and policy creation around all internal privileged access and activity is a necessity and will limit the vast damage that can be caused by attackers. Ultimately, as this case and many before it have shown, the onus here is on organisations to continually re-evaluate the security in place around these internal privileges in order to ensure that they are doing enough to protect what matters most.”