The news last week that the US government’s Office of Personnel Management has been hacked, with the most sensitive personal information of over 4 million federal employees leaked, stands as arguably the most significant data breach ever. It will likely take some time for the full details of this attack to emerge. However, I’m willing to bet that it all started with a targeted phishing email. Verizon recently released their 2015 Data Breach Investigation Report, which reported the stunning statistic that 23% of recipients open phishing emails, and 11% click on phishing attachments! Those are staggering statistics. In all likelihood, the target of this particular phishing attack opened a malicious attachment, or clicked on a link to a malicious page, which then downloaded an exploit that opened a backdoor for the attackers to ultimately gain access to OPM’s systems.
This attack occurred despite the fact that the government has spent billions of dollar on cyber-security infrastructure. This news should be a wake up call for organizations of all sizes to take a serious look at their cyber-security strategy, processes and infrastructure. It’s no longer good enough to say “this won’t happen to me”. It is also no longer good enough to trust your security to the cheapest or lowest-common denominator legacy products. The costs of a breach, in terms of reputational and financial damage, can be devastating. iSheriff is here to help you and your customers with a true multi-layered, cloud-based, security service that is rated #1 in the industry in detecting and blocking new threats. We look forward to talking with you about how we can help.