
Experts comment on US Customs data breach

12 Jun 2019

The United States Customs and Border Protection agency has been responsible for the leaking of tens of thousands of images of travellers and license plates.

The CBP emailed a statement to journalists saying that a federal subcontractor had transferred copies of the images to its network.

The agency said this was done without its knowledge and in violation of the contract.

The subcontractor was subsequently hacked. The data leaked was a collection of images of drivers' photo identifications and license plates of vehicles crossing through one port of entry over a six-week period.

The CBP said that none of its systems were compromised.

In the statement, the CBP said none of the image data has been identified on the dark web or internet.

“CBP has alerted Members of Congress and is working closely with other law enforcement agencies and cybersecurity entities, and its own Office of Professional Responsibility to actively investigate the incident.”

The agency said it has removed all equipment related to the breach from service and is closely monitoring all CBP work by the subcontractor, which it continues to work with.

“CBP requires that all contractors and service providers maintain appropriate data integrity and cybersecurity controls and follow all incident response notification and remediation procedures.”

Here is what cybersecurity experts had to say about the breach:

BlackFog CEO and founder Darren Williams

Nobody is safe from cyberattack – not even US government agencies.

With this latest data breach targeting travellers’ sensitive and personal information, it’s clear that organisations need to improve their cybersecurity practices.

In particular, the risks that third-party subcontractors pose to cybersecurity practices are increasingly evident.

The emphasis on protecting consumer data needs to not only be woven through an organisation’s culture, but also in all of its contractor relationships.

This means having honest conversations at the outset of procurement to conduct due diligence on a contractor’s cybersecurity protocols.

Just as a business would credit check potential suppliers to ensure they have the necessary cashflow, organisations need to get suppliers to validate they have strong perimeter defence, data loss prevention measures, and preventative cybersecurity approaches in place, to avoid breaches like this from continuing to happen.

Proofpoint threat research and detection senior director Sherrod DeGrippo

It is critical that organisations prioritise the security and access controls of their vendors, providers, and partners.

These groups regularly handle sensitive data and must be examined by organisations thoroughly as they have the same culpability as the organisation itself.

We recommend that organisations review subcontractors and other providers’ data security posture as if it were their own.

Additionally, organisations can develop threat profiles that highlight areas of risk across verticals and implement a proactive people-centric security approach that mitigates each threat appropriately.
