Assessments

An FBI wanted poster listing four men allegedly behind the 2017 Equifax hack. The U.S. Department of Justice announced in a press release Feb. 10 that a federal grand jury in Atlanta had indicted four members of the Chinese People's Liberation Army in connection with the 2017 hack of the credit reporting agency Equifax.

The case serves as a vivid reminder of how much damage can be done when software is not patched to protect against known vulnerabilities.

Lessons From the 2017 Equifax Hack

<ul><li>By publicly naming the hackers, the U.S. government is sending a powerful message to the PLA and individual hackers working for the PLA of its ability to penetrate PLA systems.</li><li>It is also quite noteworthy that the PLA team did not use any high-tech tailored hacking tool, or even a zero-day exploit to accomplish this intrusion, but rather took advantage of a known vulnerability.</li><li>The stolen information combined with data obtained in other hacks could help China identify intelligence officers and possible corporate espionage targets.</li></ul>

ASSESSMENTS

Lessons From the 2017 Equifax Hack

Highlights

Subscribe to view this article