sb-eu logo
Story image

Experts comment on US Customs data breach

12 Jun 2019

The United States Customs and Border Protection agency has been responsible for the leaking of tens of thousands of images of travellers and license plates.

The CBP emailed a statement to journalists saying that a federal subcontractor had transferred copies of the images to its network.

The agency said this was done without its knowledge and in violation of the contract.

The subcontractor was subsequently hacked. The data leaked was a collection of images of drivers photo identifications and license plates of vehicles crossing through one port of entry over a six-week period.

The CBP said that none of its systems were compromised.

In the statement, the CBP said none of the image data has been identified on the dark web or internet.

“CBP has alerted Members of Congress and is working closely with other law enforcement agencies and cybersecurity entities, and its own Office of Proffessional Responsibility to actively investigate the incident.

The agency said it has removed all equipment related to the breach from service and is closely monitoring all CBP work by the subcontractor, which it continues to work with.

“CBP requires that all contractors and service providers maintain appropriate data integrity and cybersecurity controls and follow all incident response notification and remediation procedures.”

Here is what cybersecurity experts had to say about the breach:

BlackFog CEO and founder Darren Williams

Nobody is safe from cyberattack – not even US government agencies.

With this latest data breach targeting travellers’ sensitive and personal information, it’s clear that organisations need to improve their cybersecurity practices.

In particular, the risks that third-party subcontractors pose to cybersecurity practices are increasingly evident.

The emphasis on protecting consumer data needs to not only be woven through an organisation’s culture, but also in all of its contractor relationships.

This means having honest conversations at the outset of procurement to conduct due diligence on a contractor’s cybersecurity protocols.

Just as a business would credit check potential suppliers to ensure they have the necessary cashflow, organisations need to get suppliers to validate they have strong perimeter defence, data loss prevention measures, and preventative cybersecurity approaches in place, to avoid breaches like this from continuing to happen.

Proofpoint threat research and detection senior director Sherrod DeGrippo

It is critical that organisations prioritise the security and access controls of their vendors, providers, and partners.

These groups regularly handle sensitive data and must be examined by organisations thoroughly as they have the same culpability as the organisation itself.

We recommend that organisations review subcontractors and other providers’ data security posture as if it were their own.

Additionally, organisations can develop threat profiles that highlight areas of risk across verticals and implement a proactive people-centric security approach that mitigates each threat appropriately.

Story image
NCC Group chosen to help improve IoT security standards for all sectors
“At NCC Group, security is in our DNA and that's why we're excited to work with the ioXt Alliance in raising security standards within the IoT ecosystem."More
Story image
Cyber attacks keeping business leaders up at night, new research finds
Data breaches and insider threats are keeping organisations up at night, according to new research from KnowBe4, the security awareness training and simulated phishing platform.More
Story image
Banks failing customers when it comes to mobile app security
"Through these vulnerabilities, hackers can obtain usernames, account balances, transfer confirmations, card limits, and the phone number associated with a victim's card.”More
Story image
Okta, CrowdStrike, Netskope and Proofpoint create shared zero trust security strategy
Okta, CrowdStrike, Netskope and Proofpoint have joined forces to develop and launch an integrated, zero trust security strategy, stating that this is crucial for today’s digital and remote working environments.More
Story image
Oracle combines cloud automation with comms security in new solution
The Oracle Communications Security Shield (OCSS) Cloud is built on the company’s cloud infrastructure, and uses AI and real-time enforcement to combat the heightened risk of infrastructure attacks presented to contact centres and enterprises.More
Story image
CrowdStrike recognised as leading endpoint security vendor on global scale
IDC's report shows that CrowdStrike demonstrated a 2018-2019 growth rate of 99% and close to doubled its market share, while the market shares of the top three vendors in the corporate endpoint segment declined.More