One of the most interesting aspects of transitioning from high school history teacher to cyber threat intelligence professional is the comparisons that sometimes pop up between the events of the past and trends in our modern, online world. One example is the common challenge of securing sensitive information. This has been a problem since people began sharing secrets and is ever more on our minds as we see events unfold such as the Equifax breach and other high-profile leaks of sensitive information. We also know this from our research, which points to the 2.3 billion files publicly available on the internet that contain a wide range of sensitive data. Our data seems to be more available (and more valuable) than ever before. Such data leakage can have severe consequences, another parallel to the past.
Take for example the case of Special Order 191: In September of 1862, the Confederate States of America were winning the Civil War. They had twice repulsed the Union’s initial attempts to invade the South at Manassas Junction, and Robert E. Lee had entered Maryland with 55,000 troops and the goal of capturing Washington D.C. Lee created a battle plan that divided his troops, and distributed copies to his senior commanders. They created more copies and distributed those to their subordinates. One commander, Major General D.H. Hill, received two copies of the orders, one from his direct commander, and one directly from Lee’s staff. Somehow, one of the copies was misplaced in his camp. The copy was discovered the next day by Union scouts, who found it wrapped around two cigars in the field Hill’s forces had vacated. They recognized what they had found and delivered the orders to their commander (we don’t know what happened to the cigars).
The consequences of the exploitation of this exposed data were severe – General McClellan was able to adjust his plan to intercept Lee and held the field in the bloodiest single-day battle in American history, at Antietam. Lee was forced to withdraw his forces, but there were larger implications for the war. The strategic victory for the Union gave President Lincoln the opportunity to announce the Emancipation Proclamation, freeing slaves across the South. This not only gave the Union the moral high ground, which is a key element of achieving victory, but prevented Britain and France from recognizing the Confederacy or entering the war on their side. Both nations had been in negotiations to do so but were forced to withdraw as their internal political climates prevented fighting against the side which openly condemned slavery. This likely cost the Confederacy the war, as it had been the French intervention in the American War of Independence that had allowed the colonies to break away from Britain.
So, what does this have to do with sensitive data in the digital economy?
Well, suppose you send an email containing sensitive code for a project to two of your co-workers, who then share it with their teams to work on. One of their team members posts the data to their publicly accessible code-sharing repository. That repository is as exposed to cyber-criminals as a field in Maryland was to Union scouts in 1862.
What if that code is found by a malicious nation-state actor, or by a hacktivist who wants to make your company look bad? What happens when they use the credentials in the post to penetrate your network and exfiltrate large lists of employee or customer PII? At this point, you’ve probably already lost the battle, if not the war altogether.
Steps to Reduce Data Leakage
But sharing data with your co-workers is important to completing projects, meeting deadlines, and doing business in general. So how do we share work without creating unnecessary exposure and increasing the already-present risks? There are a few basic steps you can take:
- Know and follow your company’s policy for sharing sensitive information
- Don’t post sensitive information in publicly accessible locations
- Use a service to help identify leaked data on the web (hint hint: I know a great one…check out our SearchLight service here)
- Confirm the security postures of third-party suppliers before sharing sensitive information
- Don’t leave critical systems information in a field in Maryland overnight
At Digital Shadows, our focus is to help our customers be aware of their digital footprint, keep ahead of the threats through monitoring the open, deep and dark web, understand inadvertent data loss that might be exploited, prevent disruption of identity online, and manage the attack surface proactively.
Our Practical Guide to Mitigating Digital Risk is full of recommended tools and steps you can take to help keep your business safe. Common-sense security steps can help you to avoid unwanted data loss with big consequences.