
Experts comment on US Customs data breach

12 Jun 2019

The United States Customs and Border Protection agency (CBP) has been responsible for the leak of tens of thousands of images of travellers and license plates.

The CBP emailed a statement to journalists saying that a federal subcontractor had transferred copies of the images to its network.

The agency said this was done without its knowledge and in violation of the contract.

The subcontractor was subsequently hacked. The leaked data was a collection of images of drivers' photo identifications and license plates of vehicles crossing through one port of entry over a six-week period.

The CBP said that none of its systems were compromised.

In the statement, the CBP said none of the image data has been identified on the dark web or internet.

“CBP has alerted Members of Congress and is working closely with other law enforcement agencies and cybersecurity entities, and its own Office of Professional Responsibility to actively investigate the incident.”

The agency said it has removed all equipment related to the breach from service and is closely monitoring all CBP work by the subcontractor, which it continues to work with.

“CBP requires that all contractors and service providers maintain appropriate data integrity and cybersecurity controls and follow all incident response notification and remediation procedures.”

Here is what cybersecurity experts had to say about the breach:

BlackFog CEO and founder Darren Williams

Nobody is safe from cyberattack – not even US government agencies.

With this latest data breach targeting travellers’ sensitive and personal information, it’s clear that organisations need to improve their cybersecurity practices.

In particular, the risks that third-party subcontractors pose to cybersecurity practices are increasingly evident.

The emphasis on protecting consumer data needs to not only be woven through an organisation’s culture, but also in all of its contractor relationships.

This means having honest conversations at the outset of procurement to conduct due diligence on a contractor’s cybersecurity protocols.

Just as a business would credit check potential suppliers to ensure they have the necessary cashflow, organisations need to get suppliers to validate they have strong perimeter defence, data loss prevention measures, and preventative cybersecurity approaches in place, to avoid breaches like this from continuing to happen.

Proofpoint threat research and detection senior director Sherrod DeGrippo

It is critical that organisations prioritise the security and access controls of their vendors, providers, and partners.

These groups regularly handle sensitive data and must be examined by organisations thoroughly as they have the same culpability as the organisation itself.

We recommend that organisations review subcontractors and other providers’ data security posture as if it were their own.

Additionally, organisations can develop threat profiles that highlight areas of risk across verticals and implement a proactive people-centric security approach that mitigates each threat appropriately.
