{"id":1254,"date":"2017-09-30T12:09:49","date_gmt":"2017-09-30T12:09:49","guid":{"rendered":"http:\/\/54.201.249.27\/?p=1254"},"modified":"2017-09-30T12:09:49","modified_gmt":"2017-09-30T12:09:49","slug":"equifax-breach-shows-signs-possible-state-sponsored-hack","status":"publish","type":"post","link":"https:\/\/blackopspartners.com\/equifax-breach-shows-signs-possible-state-sponsored-hack\/","title":{"rendered":"Equifax breach shows signs of a possible state-sponsored hack"},"content":{"rendered":"
In the corridors and break rooms of Equifax Inc.’s giant Atlanta headquarters, employees used to joke that their enormously successful credit reporting company was just one hack away from bankruptcy. They weren’t being disparaging, just darkly honest: Founded in the 19th century as a retail credit company, Equifax had over the years morphed into one of the largest repositories of Americans’ most sensitive financial data, which the company sliced and diced and sold to banks and hedge funds. In short, the viability of Equifax and the security of its data were one and the same.

Nike Zheng, a Chinese cybersecurity researcher from a bustling industrial center near Shanghai, probably knew little about Equifax or the value of the data pulsing through its servers when he exposed a flaw in popular backend software for web applications called Apache Struts. Information he provided to Apache, which published it along with a fix on March 6, showed how the flaw could be used to steal data from any company using the software.

The average American had no reason to notice Apache’s post but it caught the attention of the global hacking community. Within 24 hours, the information was posted to FreeBuf.com, a Chinese security website, and showed up the same day in Metasploit, a popular free hacking tool. On March 10, hackers scanning the internet for computer systems vulnerable to the attack got a hit on an Equifax server in Atlanta, according to people familiar with the investigation.

Before long, hackers had penetrated Equifax. They may not have immediately grasped the value of their discovery, but, as the attack escalated over the following months, that first group—known as an entry crew—handed off to a more sophisticated team of hackers. They homed in on a bounty of staggering scale: the financial data—Social Security numbers, birth dates, addresses and more—of at least 143 million Americans. By the time they were done, the attackers had accessed dozens of sensitive databases and created more than 30 separate entry points into Equifax’s computer systems. The hackers were finally discovered on July 29, but were so deeply embedded that the company was forced to take a consumer complaint portal offline for 11 days while the security team found and closed the backdoors the intruders had set up.