sb-nz logo
Story image

Experts comment on US Customs data breach

12 Jun 2019

The United States Customs and Border Protection agency has been responsible for the leaking of tens of thousands of images of travellers and license plates.

The CBP emailed a statement to journalists saying that a federal subcontractor had transferred copies of the images to its network.

The agency said this was done without its knowledge and in violation of the contract.

The subcontractor was subsequently hacked. The data leaked was a collection of images of drivers photo identifications and license plates of vehicles crossing through one port of entry over a six-week period.

The CBP said that none of its systems were compromised.

In the statement, the CBP said none of the image data has been identified on the dark web or internet.

“CBP has alerted Members of Congress and is working closely with other law enforcement agencies and cybersecurity entities, and its own Office of Proffessional Responsibility to actively investigate the incident.

The agency said it has removed all equipment related to the breach from service and is closely monitoring all CBP work by the subcontractor, which it continues to work with.

“CBP requires that all contractors and service providers maintain appropriate data integrity and cybersecurity controls and follow all incident response notification and remediation procedures.”

Here is what cybersecurity experts had to say about the breach:

BlackFog CEO and founder Darren Williams

Nobody is safe from cyberattack – not even US government agencies.

With this latest data breach targeting travellers’ sensitive and personal information, it’s clear that organisations need to improve their cybersecurity practices.

In particular, the risks that third-party subcontractors pose to cybersecurity practices are increasingly evident.

The emphasis on protecting consumer data needs to not only be woven through an organisation’s culture, but also in all of its contractor relationships.

This means having honest conversations at the outset of procurement to conduct due diligence on a contractor’s cybersecurity protocols.

Just as a business would credit check potential suppliers to ensure they have the necessary cashflow, organisations need to get suppliers to validate they have strong perimeter defence, data loss prevention measures, and preventative cybersecurity approaches in place, to avoid breaches like this from continuing to happen.

Proofpoint threat research and detection senior director Sherrod DeGrippo

It is critical that organisations prioritise the security and access controls of their vendors, providers, and partners.

These groups regularly handle sensitive data and must be examined by organisations thoroughly as they have the same culpability as the organisation itself.

We recommend that organisations review subcontractors and other providers’ data security posture as if it were their own.

Additionally, organisations can develop threat profiles that highlight areas of risk across verticals and implement a proactive people-centric security approach that mitigates each threat appropriately.

Story image
As digital transformation grows in A/NZ companies, misconceptions about their role in cloud security abound
While an 81% majority of A/NZ organisations are accelerating their digital transformation, a giant 99% of surveyed respondents say they believe their cloud security provider provides enough protection, according to a Trend Micro study. More
Story image
A brief history of cyber-threats — from 2000 to 2020
Many significant cybersecurity events have occurred since the year 2000 — not every one of them ‘firsts’, but all of them correlating with a change in security behaviour or protection.More
Story image
Online gaming a 'hotbed' for DDoS attacks — report
The latency and availability issues present in online gaming, in particular, presented an attractive target to attackers, in addition to the enduring popularity of gaming in the era of COVID-19.More
Story image
APAC secure content management market to hit $2.2 billion by 2024
The proliferation of cloud-based deployments will largely drive this, the report says, as the COVID-19 pandemic motivates more enterprises to move their workloads to the cloud and rely more on the internet. More
Story image
SMEs treading water against 'endless volley' of cyber-attacks — report
According to a new report from Cynet, these SMEs are resorting to outsourcing some aspects of their threat mitigation in order to safeguard IT assets, as a result of the heightened risk of serious breaches.More
Story image
IronNet expands Asia Pacific presence with new strategic partnership
“The combination of M.Tech’s extensive network in Asia Pacific and our unparalleled expertise in threat intelligence and detection will help more enterprises across the region to proactively identify and take down known and unknown threats before they happen.”More