Life's a breach: Reported attack on United Airlines shows everyone has valuable data to protect
No longer focused on stealing credit card numbers alone, hackers are flexing seriously dangerous muscle, security experts say.
Laura HautalaFormer Senior Writer
Laura wrote about e-commerce and Amazon, and she occasionally covered cool science topics. Previously, she broke down cybersecurity and privacy issues for CNET readers. Laura is based in Tacoma, Washington, and was into sourdough before the pandemic.
ExpertiseE-commerce, Amazon, earned wage access, online marketplaces, direct to consumer, unions, labor and employment, supply chain, cybersecurity, privacy, stalkerware, hacking.Credentials
2022 Eddie Award for a single article in consumer technology
The purported hacking group, believed to be affiliated with China, appears to be triangulating United customers' movements. Combined with background check information stolen from the government and medical records stolen from Anthem, experts say the group is stockpiling information on intelligence officers.
That might not affect you or me today (assuming neither of us is a spy), but it emphasizes how vulnerable the systems we rely on for day-to-day life are. If spies aren't safe, neither is critical infrastructure that runs on computers, said Udi Mokady, chief executive of security company CyberArk.
"In situations where people's lives are put in jeopardy, it becomes an increasingly serious issue," he said.
A United spokesman said the report was based on speculation and that United customers' private information is safe, but he declined to confirm or deny that a breach occurred.
The reported hack shows that all businesses are holding onto valuable information that could attract hackers, Mokady said.
In hacking's early days, attackers were interested in "low-hanging fruit" that could be quickly sold for cash, like credit card numbers, Mokady said. Then the theft and sale of personal identifying information like Social Security numbers gained popularity.
But in the case of United, the purported hackers seemed interested in flight records, which don't likely have a broad resale market. It shows the variety of valuable information that needs to be protected from hackers.
"If what they stole here were the flight plans, it's another example of different attackers can make use of different things," Mokady said.
For example, the hack against Sony last November appeared to be intended to drag the company through the mud, rather than financial gain.
The lesson from that experience: Everyone needs to be on alert for hackers.
Two major changes would help protect data like United's flight records. First, data should be encrypted, or jumbled up using a computer algorithm that only the owners can decode, said Alan Kessler, chief executive of cybersecurity company Vormetric.
Next, Kessler said, companies and government agencies need to rethink who has the ability to read that information. Currently, too many people have easy access to many types of data, he said, meaning there are too many people who can unwittingly let hackers into important databases.
Finally, if someone with access to unprotected data is acting weird (like uploading a bunch of data to the Internet at midnight), organizations should be able to recognize that strange behavior and investigate for signs of hackers taking over the user's computer.
Bottom line: Companies need to change their thinking and assume their data is likely to be compromised, instead of assuming they can protect it.