US Intelligence Community Seal (Photo credit: Wikipedia)
from the reasons-to-be-cheerful dept
There’s been quite a lot of excitement in the press about the latest leaks that the NSA has been spying on not just one French President, but (at least) three of them. As Mike pointed out, this isn’t such a big deal, because it is precisely the kind of thing that you would expect the NSA to do — as opposed to spying on the entire US public, which isn’t. There is, though, an aspect that most people have overlooked: the fact that these NSA leaks don’t appear to originate from Snowden’s stash.
Of course, Mr Crypto himself, Bruce Schneier, did spot it, and pointed out it could be one of his “other” US intelligence community leakers, listed a couple of months ago, or even a completely new one. As that post shows, there are now a few people around that are leaking secret documents, and that’s a pretty significant trend, since you might expect enhanced security measures taken in the wake of Snowden’s leaks would have discouraged or caught anyone who attempted to follow suit. Continue reading
25 Jan 2014 by Samara Lynn
The WikiLeaks furore of 2010, and the more recent debacle of the documents leaked from the American National Security Agency (NSA) has left the world reeling at the power of a well-orchestrated data breach. President Obama recently announced that due to the revealed abuses by the agency, he would reform espionage policy, allowing privacy campaigners around the world to breathe a cautious sigh of relief.
But not every organisation is as insidious or as unaccountable as the NSA, and not every leaker has the good intentions of Edward Snowden or Chelsea Manning. One thing to come out of these events is crystal clear: if the government is vulnerable to network security and data breaches, your business is too.
A few safeguards in place could have staved off the leakage of classified information from both these networks, many of which are available to small businesses: activity monitoring, limiting which data is searchable, keeping tabs on user permissions, and deploying a robust data leak prevention solution.