Chinese army officers charged in huge Equifax hack
Nearly 150m Americans had personal data compromised in the hack of credit rating giant Equifax.
From Ambuj Kumar, CEO & Co-Founder, Fortanix:
“Compared to conventional war, cyber warfare offers more precision. One can control exactly what and whom to target. Also, it’s much less expensive. This is why we will see more and more instances of cyber battles in future. This is a reminder that all businesses that are entrusted with protecting the privacy of personal information should be encrypting that data. With an adversary as sophisticated and well-funded as a nation-state, it is inevitable that they will penetrate defenses and get to the data but it is useless when encrypted.”
Jamil Jaffer, Vice President for Strategy & Partnerships at IronNet Cybersecurity. Let me know if you have any questions!
“The Equifax indictment further reinforces the fact that the Chinese government continues to engage in a decade-long effort to target US companies for economic gain and security exploitation. When it comes to the Equifax hack, it is worth noting that the Chinese aren’t looking to sell this information on the dark web like an ordinary hacker, but instead aim to use it to identify potential longer term opportunities, including larger scale cyber efforts and human intelligence efforts. It could be days, weeks or years until we see the intelligence they gathered put into use. This makes the critical question now not just how the Chinese executed the attack, but how can we protect against similar threats in the future.
Expecting private sector organizations to face down such nation-state threats–threats that can operate with a laser-like precision and deploy vast human and technical resources–is unrealistic if they have to do it alone. Typically we’d expect the government to defend companies and their property against nation-state threats, but in the cyber realm, we expect companies of all sizes to defend not just against individual threat actors and criminals, but also against major players like nation-states.
Given that we’ve put individual private companies on the frontlines of national cyber defense, it is crucial that companies, industries, and sectors, including the government, come together to establish a collective and collaborative defense approach to identify threats and take action to stop those threats in real time. Only by working together, one company with another, industries with industries, can the private sector realistically expect to scale its defenses to stop committed attackers, like the Chinese military actors that hacked Equifax.”