Recently, Excellus, a Blue Cross and Blue Shield company, discovered evidence of a hacking attack that exposed ten million customer records. The matter is currently under investigation, and so far, there’s no evidence that the hackers used the data in a malicious way. Typically, if the data will be used maliciously, it happens in the days or weeks following the attack, and this does not appear to have happened in the case of the Excellus breach. Nonetheless, this only serves to underscore the large and growing problem that all sectors of the business community face.
Hacking attacks are growing in both number and sophistication by the week. Odds are excellent that little to no useful data will be gleaned from the investigation, because although evidence of the attack was only recently discovered, the attack itself occurred two years ago, in 2013. That’s an eternity in IT-time.
This is by no means an isolated incident. In recent months, several major Blue Cross and Blue Shield health insurers have been breached, including CareFirst, Premera, and Anthem. In the case of Anthem, the hack was traced back to a group of Chinese hackers. It is unknown at this time if that same group was responsible for the other Blue Cross and Blue Shield breaches, or if the incidents are unconnected.
Given the number and sophistication of such attacks, it is more important than ever before that companies build a robust team of security professionals, or if that is impractical, to outsource that function to a Managed Services Provider with an excellent reputation in the area of systems security. Had Excellus hired an IT Consultant with the appropriate background, it is entirely possible that this attack would have been noted and acted upon much more quickly than it was.
MSP’s are increasingly becoming the default solution to systems security because of the extreme difficulty in finding a sufficient number of adequately trained personnel to fill those roles internally. If the recent past is any guide, those problems will get significantly worse before things start to improve. How prepared is your company?