United Airlines is the latest target of the China-backed hackers who have been behind several other large heists – including the theft of security clearance records from the U.S. Office of Personnel Management and medical data from health insurer Anthem Inc.
United, the world’s second-largest airline, detected an intrusion into its computer systems in late May or early June. Among the data stolen are manifests, which include information on flights’ passengers, origins, and destinations.
“These reports are based on pure speculation, and we can ensure our customers that their personal information is secure. We remain vigilant in protecting against unauthorized access and use top advisors and best practices on cyber-security to maintain our effectiveness,” United spokesperson Luke Punzenberger said.
However, if the report is true, it’s becoming clear that the China-backed group of hackers is amassing a vast database of information. Experts say the group appears to be triangulating the movements of United’s customers, and that this, combined with background check information stolen from the government and medical records stolen from Anthem, could lead to intelligence officers becoming exposed or recruited by the hackers.
“If investigators are accurate in attributing these attacks to the same group, they have amassed a vast database of information that could be used for multiple purposes, from economic espionage to political gain,” said Tim Erlin, Director of Risk Strategy for Tripwire, a computer security company.
While this may not affect you or me today, it sheds some light on how vulnerable the systems we rely on for day-to-day life are. If spies aren’t safe, neither is critical infrastructure that runs on computers. The lesson from this hack in particular is that everyone needs to be on the alert for hackers.
Two major changes would help protect data like United’s flight records. First, data should be encrypted, or jumbled up using a computer algorithm that only the owners can decode. Next, companies and government agencies need to rethink who has the ability to read that information. Currently, too many people have easy access to many types of data, meaning there are too many people who can unwittingly let hackers into important databases. Lastly, if someone with access to unprotected data is acting strangely, like uploading a bunch of data to the Internet at midnight, organizations should be able to recognize that odd behavior and investigate for signs of hackers taking over the user’s computer.
Bottom line – companies need to change their thinking and assume their data is likely to be compromised, instead of assuming they can protect it.