Have we reached a tipping point on the Internet where companies who are not breached are the exception rather than the norm? Reading the headlines every day, it sure seems like it with companies like Sony, Honda, and Apple falling victim. Another company, EMC, was also attacked in March but instead of losing customer data they lost the keys to their RSA SecurID tokens. For those who are unaware, most corporations use these tokens, combined with a password, to allow their employees to connect to the corporate network from their homes.
Now Reuters is reporting that unknown attackers have used data gained from the SecurID breach in order to successfully break into Lockheed Martin, a defense contractor for the United States government. At this time nobody knows whether any data was actually taken or not. It’s interesting to note that while most attacks have been attempting to gather personal information about users, this is one of the few published attacks targeting a company that does not deal directly with the public. It also appears that the attack on EMC/RSA and Lockheed Martin have been more advanced than simple SQL Injection attacks.
What does this mean for the future of the “always on” Internet? It seems like it’s too late to go back, but how can we better protect our sensitive data? Although there are no easy answers to these questions, with the advent of “cloud computing” we are seeing more and more sensitive data being put online so solutions need to be identified and implemented.
Image Courtesy of Wikipedia