Each month, we’ll bring you some of the most compelling cloud and Salesforce security-related stories from the last four weeks. In this post, we discuss a NASA security hack, Maine’s internet privacy bill, and more.
Maine is the latest state to introduce a cyber privacy bill aimed at preventing customer data from being sold or shared without the customer's permission. The bill is one of the strictest consumer privacy protection policies in the United States, but experts agree that it will face challenges in court. Despite warnings from multiple technology trade groups to the Legislature that the measure conflicts with federal law, Governor Janet Mills signed the bill, which will go into effect on July 1, 2020.
Under the new law – An Act To Protect the Privacy of Online Customer Information – Maine internet service providers are required to seek permission prior to sharing or selling customer data to a third party. The law also prevents ISPs from offering discounts to customers in exchange for selling or sharing their data.
“The internet is a powerful tool, and as it becomes increasingly intertwined with our lives, it is appropriate to take steps to protect the personal information and privacy of Maine people.”
– Governor Janet Mills
Salesforce continues to dominate the CRM market with 19.5% market share, according to Gartner research. As the world’s leading CRM, Salesforce currently holds more than double the market share of its closest rival, SAP, which has 8.3%. Gartner also recognized Salesforce as a leader in its Magic Quadrant for CRM Customer Engagement Center for the eleventh year in a row.
The Gartner report also found that spending on CRM software has grown, reaching $48.2 billion in 2018, the majority of which was spent on SaaS options.
NASA published an audit document that confirms the Jet Propulsion Laboratory (JPL) was hacked in 2018. An unauthorized Raspberry Pi computer connected to the JPL servers allowed hackers to gain access to other areas of NASA’s network. By infiltrating the computer, the hackers managed to reach radio telescopes in the Deep Space Network (DSN) as well as other JPL systems. To stifle further network abuse, Johnson Space Center disconnected entirely from the gateway due to concerns about the attacks reaching critical programs such as the International Space Station and other human space missions.
The audit report includes technical details and highlights many security lapses, from poor resolution of security violation tickets to delayed patches for known vulnerabilities. According to the report, much of the spacecraft data was restored this year, but as of March 2019, Johnson Space Center had yet to fully restore the use of all communications data due to reliability concerns. NASA officials responded to the security concerns by agreeing with nine of the ten recommendations included in the audit report. NASA’s remediation efforts are estimated to be complete by January 2020.
Riviera Beach, Florida, is the latest locale to fall victim to hackers using ransomware to take down city computer systems. The attack, which hit on May 29 after an employee clicked a malicious email link, took down the city’s entire computer system for three weeks. The infected computer systems impacted water utilities, city finances, government email and phone systems, logging 911 calls, and more.
After a unanimous council vote, the city agreed to pay the ransom of 65 bitcoin (about $600,000). While many caution that paying the ransom could encourage similar attacks in the future, others note that sometimes there isn’t much of a choice – certain network systems are critical for cities to function, and it would cost more in recovery fees than it would to pay the ransom. However, there’s always the gamble of offering payment without receiving the promised release of the computer systems.
“Preparation is the cure for ransomware. Preventing attacks starts with understanding what the attackers are doing and how. Organizations need visibility into attackers’ behaviors and the malware that’s in use.”
– Rick McElroy, Principal Security Strategist, Carbon Black
Three former McAfee staff members are being sued by the company over allegations that they stole trade secrets for a rival organization. McAfee is seeking damages for trade secret misappropriation, breach of contract, intentional interference with contractual relations, breach of fiduciary duty, aiding and abetting, and conspiracy.
Court documents show that Jennifer Kinney, Alan Coe, and Percy Tejeda – all senior sales staff with knowledge of McAfee’s proprietary business information – allegedly conspired to steal the information for the benefit of their new employer, Tanium. When McAfee investigated network activity in the period before the former employees’ departures, it identified patterns of misconduct involving confidential information – specifically, the three employees transferred sensitive data using private email addresses, Google Drive, and USB devices.
McAfee has stated that its goal is to prevent any stolen data from harming its business and has therefore filed an emergency motion for a temporary restraining order.
Apple’s CEO, Tim Cook, recently called out Silicon Valley and other tech companies for creating chaos and dodging responsibility during a commencement speech with an audience of 30,000 at Stanford University. While he didn’t drop any names, Cook made it clear that the data breaches, privacy violations, and careless culture regarding consumer privacy in the tech industry are problematic.
“Lately it seems this industry is becoming better known for a less noble innovation – the belief you can claim credit without accepting responsibility,” Cook said. “It feels a bit crazy that anyone should have to say this, but if you built a chaos factory, you can’t dodge responsibility for the chaos.”
“If we accept as normal and unavoidable that everything in our lives can be aggregated, sold and even leaked in the event of a hack, then we lose so much more than data. We lose the freedom to be human.”
– Tim Cook, CEO, Apple
Another day, another data breach confirmation. U.S. Customs and Border Protection (CBP) acknowledged the breach of a subcontractor network that exposed photos of travelers and license plates of vehicles entering and exiting the United States. The CBP’s networks themselves remain unscathed by the cyberattack.
According to the agency, it first learned of the breach on May 31, and the security incident affected fewer than 100,000 people who went through a single-lane border entry port. CBP also confirmed that none of the exposed data has been identified on the Dark Web, amid growing concerns after a breach of a government contractor only weeks before had left large quantities of personal information up for grabs on the Dark Web. CBP has stated that it has notified Congress and is “closely monitoring” the subcontractor in question.