An analysis of the latest FBI data breach
Another day, another serious data breach: this time for sensitive FBI files. Breaches are so common now that they’re hardly newsworthy, but several things make this one different. An unknown person accessed these files for more than a year before anyone noticed. One would hope there was some record of who, when, and what sensitive records were accessed, but there were none. Instead, the FBI relied on asking what people recalled. That is frightening. How many people can recall precisely what they did a year ago? Are they being honest? Were they part of the problem? We may never know.
But it gets worse. Fighting hackers is a team sport; it’s crucial that you pick players who are competent, have the right tools, and will stand by you. So it’s unbelievable that Palantir, the FBI’s software provider, is “trying to distance itself” from the breach. Their line is that “the fault was caused by the FBI’s incorrect use of the software.” Team players should never blame their customers. Everyone’s just doing their job. No one wants to own a problem. We’ve seen this movie before, literally.
“Everybody in this room is smart.
Everybody’s just doing their job.
And [my friend] is dead.”– Paul Newman in Absence Of Malice
Perhaps the most disappointing part is that Palantir is Peter Thiel’s company. Mr. Thiel is exceptionally smart and is really good with predictions (he was Facebook’s first outside investor). But his firm either did not anticipate or did not know how to protect the FBI. What does this mean for his other clients that include the U.S. Army, U.S. Navy and CIA, or for companies like IBM, Amazon and Airbus? And why did Palantir’s program fail?
One thing we know is that the default settings for Palantir’s program allowed “unauthorized FBI employees to access” the sensitive data. Since when is the default setting of any security product not set to do its job? These are difficult questions, but we know the answer, because Palantir is not alone.
Today’s security companies have successfully redefined the industry’s problems to suit their products, not the other way around. Yesterday’s technologies are no match against today’s threats, let alone tomorrow’s threats like unfixable hardware flaws in your servers – or China’s advances in quantum computers, which promise to end encryption as we know it.
Take “Zero Trust” security, for example. It’s being promoted today as the latest breakthrough, but it has actually been around since 2010. Zero Trust focuses on a perimeter defense and identity management, but it failed to prevent Russian hackers from breaking into most government agencies and dozens of corporations (we will likely never know the full list). Microsoft’s President called this SolarWinds attack “the largest and most sophisticated attack the world has ever seen.” One of the leading security experts says your only system remedy is “to burn it down to the ground and rebuild.”
And then there’s the scourge of ransomware which, unlike what you may have been told, cannot be prevented. It will actually get worse, because hackers are learning how to infect your backup data – so they can name their price and you’ll be forced to pay. They’re also trying to bribe employees so that hackers won’t even have to break into your network. Tesla was very lucky when an honest employee reported that he was being bribed. This new threat has been called a “dire warning for every company around the world.”
I work for Klōke, a very different type of security company. Rather than redefining your problems to sell you obsolete technology, we’re inventing new ways to solve your current and future threats. For example, we predicted the SolarWinds attacks because we knew that perimeter defenses would fail. It was obvious to us that the only way to really protect your data is… to protect your data. That’s not a typo.
The entire security industry is focused on everything except the data itself. They’ll sell you access control, device security, firewalls, anti-virus products, network monitoring, patch management, training, etc. The experts would claim that your data is already protected by encryption, so why did the credit card processors drop encryption and switch to token security in 2005? To the best of our knowledge, token security has never been breached.
Klōke offers products that use this same proven token approach to protect all corporate and government data.
|
The Security Industry |
Klōke Security |
|
Protects everything but the data |
Protects the data |
|
Focuses on detection and response |
Focuses on prevention |
|
Tries to secure the perimeter |
Assumes hackers are already inside |
|
Relies on encryption |
Does not rely on encryption |
|
Relies on NIST for the quantum threat |
Has a solution for the quantum threat |
|
Has limited audit capabilities |
Integrated forensics/threat intelligence |
|
No solution for bribed employees |
Has a solution for bribed employees |
|
Tries to prevent ransomware |
Focuses on recovery without data loss |
|
Exfiltrated data has value |
Exfiltrated data has no value |
|
Increases complexities |
A single, elegant solution |
|
Adds to the skills shortage problem |
Reduces the skills shortage problem |
I know token security well because I was the first to invent it. Right now, there are likely hackers inside your systems accessing your most sensitive data and planning a devastating ransomware attack. We can help.
In a perfect world, the FBI would have Klōked their data; but for that breach, it’s too late. Let’s make sure it’s not too late for you.
To learn more about Kloke, please contact us.