Latest in Gear

Image credit: Reuters/Brendan McDermid

Equifax breach shows signs of a possible state-sponsored hack

This might not have been a simple smash-and-grab.
1428 Shares
Share
Tweet
Share
Save

Sponsored Links

Reuters/Brendan McDermid

Ever since word of the Equifax hack got out, there's been one lingering question: was it a state-sponsored attack, or just criminals who took advantage of a security hole? At the moment, it looks like it might be the former. Bloomberg sources have shed light on the ongoing investigations into the breach, and they claim there are signs of a government's involvement. The initial group of hackers weren't particularly experienced, according to the tipsters, but they handed things over to a more "sophisticated" team. There are even hints that this might be the work of Chinese intelligence agents, although it's not yet clear who's responsible.

The insiders say that "many" of the tools used in the hack were Chinese in origin, and that there are similarities to China-backed breaches targeting the health insurance firm Anthem and the US government's Office of Personnel Management. Also, none of the stolen data has surfaced online -- whoever took it wasn't in a rush to profit. This was a "'get as much data as you can on every American' play," one of Bloomberg's contacts said.

However, sources aware of federal investigations say only that there's evidence of a state-sponsored attack, not that it points to any one country. Equifax's security consulting partner, Mandiant, wrote as recently as September 19th that it couldn't identify the culprits or where they came from.

As it is, Equifax may have been its own worst enemy in the early days of the breach. The company had hired Mandiant to look into earlier security issues, but there was a he-said-she-said fight over Equifax's security in the weeks surrounding the hack. Equifax reportedly thought Mandiant had sent rookies to look into the vulnerabilities of its systems, while Mandiant decried what it saw as unpatched systems and sloppy policies. An Equifax spokesperson told Bloomberg that it has had a "professional, highly valuable relationship" with Mandiant and isn't commenting on its ally's investigation, but the scoop suggests that the squabble may have hurt the chances of a timely fix for the flaw that compromised 143 million Americans.

Whatever contributed to the incident, there are significant ramifications if there's a foreign power involved. If it's China, it'd be a huge violation of the US-China agreement that was supposed to put an end to hacking campaigns. Many didn't expect either side to fully honor the pact, but this would be an overt violation. And if it's another known country with state-sponsored hacking, like North Korea or Russia? That wouldn't be any better, as it would exacerbate already high tensions. No matter who's behind this, things could get very thorny very quickly.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
1428 Shares
Share
Tweet
Share
Save

Popular on Engadget

Engadget's Guide to Privacy

Engadget's Guide to Privacy

View
TiVo says all retail DVR owners will see ads before recorded shows

TiVo says all retail DVR owners will see ads before recorded shows

View
Batman comes to 'Fortnite' along with Catwoman and Gotham City

Batman comes to 'Fortnite' along with Catwoman and Gotham City

View
Hitting the Books: Searching for ancient cities from space

Hitting the Books: Searching for ancient cities from space

View
The Morning After: Taking a look inside the iPhone 11 Pro Max

The Morning After: Taking a look inside the iPhone 11 Pro Max

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr