Department of Energy falls victim to cyberattack

Aug 21st, 2013 / Category: Managed File Transfer

Highlighting the importance and challenges inherent to data protection, and the need for secure file transfer solutions, the Department of Energy (DOE) recently revealed that it has experienced a data breach caused by a concerted effort by cybercriminals.

The DOE informed approximately 14,000 current and former employees that their personal data may have been compromised following a cyberattack that occurred in July. Among the information that may have been exposed are names and Social Security numbers.

As The Wall Street Journal reported, a similar attack occurred in February, at which point several hundred other employees' data may have been exposed.

According to the DOE, no classified data was accessed. However, cybercriminals can potentially use personal employee data to gain access to protected computer systems that store such information.

Additionally, any employee whose personal information has been exposed must now face a heightened risk of identity theft or fraud. To combat this threat, affected personnel are being offered a year's worth of free credit monitoring services, SC Magazine reported.

The DOE is now working with various other federal agencies and law enforcement organizations in order to investigate the incident and better determine who was behind the attack.

Building defenses
As this incident highlighted, data security is a challenge for organizations of all kinds. Virtually every firm possesses data that may be useful to malicious cybercriminals, and so every organization is a potential target. Robust, dependable data protection measures are therefore critical in every industry and sector.

The fact that DOE fell victim to such an attack may be seen as evidence that even well-funded, security-conscious organizations are susceptible to cyberattacks, which may seem demoralizing. However, while details of the attack have yet to emerge, it is very possible that this incident could have been avoided if the DOE had implemented better data security solutions.

Speaking to SC Magazine, Cameron Camp, a security researcher, noted that organizations of all kinds must take steps to protect them from these types of cyberattacks. Among the suggestions he made were establishing specific hours when particular data types would be permitted to travel beyond the firm's firewall, as well as creating a security position dedicated to monitoring network access.

Both of these points reflect the importance of data security solutions for organizations' data when it is in motion, whether it is traveling between employees or to outside departments, agencies or organizations. In addition to the policies outlined by Camp, it is critical for firms to invest in high-quality secure file transfer solutions for precisely these reasons. Only by providing such tools to employees can organizations ensure that sensitive data, whether personal, corporate or otherwise, remains safe and protected at all times, without imposing restrictions on workers' collaborative abilities. Choosing an easy-to-use secure file transfer resource is consequently a critical component of any firm's data protection efforts.