Consumer Reports: Don't Use Consumers as 'Guinea Pigs For Vehicle Safety Beta Programs'
Valuable Items You Can't Change

Retailer's Data Breach Exposes Military And Government Workers To Terrorism Risk

McClatchyDc news service reported a chilling story about the intersection of cyber-crime and terrorism. After inserting malware into an Illinois-based retailer's computer systems, the hacker demanded payment in Bitcoins to remove the malware. This type of hacking is commonly called "ransomware" and isn't especially noteworthy. What is notable: the hacker's motivation was driven by money, but devolved into terrorism. Reportedly, the hacker:

"... had ties to the Islamic State Hacking Division, a terrorist cyber unit, and before it was over he’d put together a “kill list” for the Islamic State with the identities of 1,351 U.S. government and military personnel from the 100,000 names, credit card records and Social Security numbers he’d extracted from the host server."

The hacker, currently in prison in the USA, was identified as Ardit Ferizi, also known as the "Albanian hacker." McClatchyDC also reported:

"Ferizi’s case is also notable because his handiwork generated one of the first “kill lists” issued by the Islamic State designed to generate fear and publicity. FBI agents used the early list of U.S. military and government employees to notify the targeted individuals. More recent lists have included thousands of ordinary civilians and even U.S. Muslims the terrorist group considers apostates."

McClatchyDC did not disclose the name of the retailer, who reportedly learned of the breach only when the hacker demanded payment. That suggested poor data security and intrusion detection.

There are plenty of implications. First, no longer can company (and government) executives claim that it was just a breach, or it happens to every business. It is no longer acceptable for corporate executives to downplay the breach and hope it quietly goes away. There are real-world risks and threats to customers and prospective customers from corporate data breaches. Second, this breach reinforces the fact that we live in an inter-connected world. Criminals are smart, persistent, and have learned how take advantage of those online connections.

Third, these online connections and cyber-crime make politicians' goals to limit immigration futile and pointless. Similarly, physical border walls may deter poor and unskilled migrants, but do nothing to stop cyber-crime and terrorism. Government and business need to work together to build better, stronger online and digital defenses.

What do you think?

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.

Your Information

(Name and email address are required. Email address will not be displayed with the comment.)