For local cybersecurity experts, Anthem breach 'hits close to home' - Technical.ly Baltimore

Business

Feb. 11, 2015 12:17 pm

For local cybersecurity experts, Anthem breach ‘hits close to home’

Local cybersecurity experts say the health insurer has been transparent about its major data breach, which may have compromised the personal data of up to 80 million customers.

Hackers recently laid waste to Anthem systems.

(Photo by Flickr user Matthew Hurst, used under a Creative Commons license)

When the health insurance giant Anthem announced it was the victim of a hack that may have exposed the data of up to 80 million customers last week, Mark McLarnon had an idea of what was happening behind the scenes.

“I’ve been in the shoes of the folks that are affected by this before,” the cybersecurity expert said. “It hits close to home.”

Now the CTO of Inner Harbor-based CyberPoint International, McLarnon has worked in network defense and computer forensics for the government and private sector for 15 years. He’s one of the many Baltimore-area cybersecurity workers who’s been on the other side of the breach as an investigator.

While it’s his job to investigate and provide protection against such incidents, McLarnon said he takes no joy out of seeing a major attack.

“I never like to hear about any breaches,” he said.

The Anthem breach was reported Wednesday night. According to a message posted online, the hackers gained access to customers’ personal information including names, birthdays, Social Security numbers and income data. The company, which offers BlueCross Blue Shield plans in California, New York and other states, is still working to determine the extent of the breach, but medical data isn’t believed to have been compromised.

The breach comes on the heels of high-profile breaches at Sony, Home Depot and Target. McLarnon points out that the FBI issued a warning to the healthcare industry on two occasions in 2014. One message, issued in August, noted “malicious actors targeting healthcare related systems.”

Anthem, and the healthcare industry in general, is a target because of the Social Security numbers that were likely accessed, said Gavin Millard. The technical director at Columbia-based Tenable Network Security said stolen credit card data doesn’t fetch what it used to on the black market.

Advertisement

“It’s really, ‘How much money can these attackers make from breaking in?'” he said. “Forty to 60 million Social Security numbers is probably worth quite a bit of money on the black market.”

CyberPoint’s McLarnon gave the company credit for reporting the hack within a week and making services like free credit monitoring and fraud alert monitoring services available.

“Anthem has taken very definitive steps,” he said.

Millard said the speed of those steps was an anomaly.

Sometimes, most of the public doesn’t even hear about breaches. In this case, the message posted online came directly from the company’s CEO, Joseph Swedish.

Anthem

Anthem has received high marks for its PR efforts in response to the data breach. (Screenshot)

“That kind of post-breach PR outreach is a really important factor that lots of organizations forget about and don’t do a really good job of,” Millard said, adding that a strong message can help reassure customers that the company can handle the incident.

Perhaps not surprisingly, not all of the public relations necessarily paints the full picture. The cause of the Anthem breach has yet to be determined, but Swedish’s message did say that the attack was “very sophisticated.” That’s typical, said Millard, but not necessarily accurate.

“In reality, the attackers often use simple methodologies to break in,” Millard said, such as phishing schemes via company email, or exploiting employees who didn’t update antivirus software.

Anthem is already coming under fire because it didn’t encrypt the Social Security numbers. According to the Wall Street Journal, companies aren’t required to encrypt the data. McLarnon advocates using the practice “whenever possible.”

On the other hand, Millard points out, using encryption doesn’t make a company completely protected from an attack.

“Although encryption is a very good control, it doesn’t always mean that the data is totally secure,” Millard said. The Tenable exec points out that it is used as a “last bastion” of security when people have done other things that leave them vulnerable.

Both experts advocate preventative action. Tenable offers a vulnerability scanner that assesses company systems. At CyberPoint, McLarnon advocates training customers in how to look for warning signs of an attack. If data may have been stolen, McLarnon also said it’s important to check lines of credit, taxes and other potential points where their data could’ve been used fraudulently. While it may not show up immediately, the stolen information can have a “cascading effect” on people for years.

“Although it may seem vague, vigilance is always urged,” McLarnon said.

You must appreciate accurate, relevant and productive community journalism.  Support this sort of work from professional reporters with seasoned editors.  Become a Technical.ly member for $12 per month -30-
JOIN THE COMMUNITY, BECOME A MEMBER
Already a member? Sign in here

Advertisement

Columbia’s Bandura Cyber ups funding round past $10 million

Why this Millersville company sees the new Buy Maryland Cybersecurity Tax Credit as a tool for growth

Millennial Media alum Matt Gillis joins Clean Creative as CEO

SPONSORED

Baltimore

Arrive ready to grow at 14 West

Baltimore

StraighterLine

Director of Product Management (Programs)

Apply Now
Baltimore, MD

SmartLogic

Product Designer

Apply Now
Baltimore, MD 21201

Agora Financial

Jr. Project Manager / Business Analyst

Apply Now

On the Market: Find a tech job to love in Baltimore

Survey shows extent of web browser–based cyber threats

Maryland E-Nnovation initiative provides matching funds for tech-focused research endowments

SPONSORED

Baltimore

The Washington Post is reprogramming the way news breaks

Canton in Baltimore, MD

iVeia

Software Engineer (Embedded/SoC)

Apply Now
Baltimore, MD

SmartLogic

Developer

Apply Now
Baltimore, MD 21201

The Oxford Club

Web Developer

Apply Now

Sign-up for daily news updates from Technical.ly Baltimore

Do NOT follow this link or you will be banned from the site!