National Security at Risk: Easy Access to Sensitive Military Data by Foreign Threat Actors

In a recent investigation conducted by Duke University, a vulnerability in the United States national security framework has come to light. 

The study sheds light on how foreign threat actors can access sensitive information about US military personnel through the activities of data brokers. 

This revelation has raised serious concerns about the safety of national security and the privacy of military members and veterans.

Insider Threats Are Real Things

Okta’s Chief Security Officer acknowledged the failure of internal controls to detect the breach promptly. 

The threat actor gained unauthorized access to Okta’s customer support system, compromising the data of 134 Okta customers. 

The breach included HAR files containing session tokens, which are highly valuable for hijacking attacks. 

Something is missing in @okta breach report https://t.co/NUqtck5oAe
Okta claims that service account creds were saved in an employee's browser which led to compromise.
Service accounts are used by machines, and thus cannot have 2FA, so how come a user was using them manually? pic.twitter.com/9qSjmooHDM

— Tal Be'ery (@TalBeerySec) November 6, 2023

The source of this exposure was an employee who had logged into a personal Google account on a company-managed laptop, inadvertently saving the service account credentials. 

The breach exposed a significant vulnerability in the organization’s security framework, emphasizing the need for robust internal controls and employee cybersecurity awareness.

Seiko, on the other hand, suffered a significant data breach, affecting customers, business partners, and employees. 

The attack was attributed to the ransomware group BlackCat and ALPHV, which claimed to have stolen over 2 terabytes of data. 

Threat Actor: ALPHV / BlackCat
Ransomware Victim: Japan Aviation Electronics Industry, Ltd.
Date: 2023-11-07
Note: Allegedly, #ALPHV #BlackCat has named #JapanAviationElectronicsIndustry as a victim. #Ransomware #StopRansomware #DarkWeb #DarkWebInformer #Leaks #Leaked… pic.twitter.com/pOYTDQhoQF

— Dark Web Informer (@DarkWebInformer) November 7, 2023

This included employee information, production technology details, audio and video recordings of management meetings, emails, and passport copies of employees and foreign visitors.

Data Brokers: A Deadly Threat for Nations

Data brokers collect, aggregate, and distribute or license the information they gather from various sources. 

This expansive network includes credit reporting agencies like Equifax and Experian, marketing companies like Acxiom, data analytics and risk assessment firms like Verisk, and even mobile applications that quietly collect and sell user data to third parties without proper consent.

The Treasure Trove of Personal Data

The information gathered by data brokers encompasses a vast spectrum of personal details, including names, demographic information, political affiliations, lifestyle attributes, residential and email addresses, GPS coordinates, financial status, and even health records. 

Data has become a prime target for malicious threat actors who exploit it for various nefarious purposes, including scams, extortion, targeted profiling, character assassination, and stalking.

National Security at Risk

The exposure of such sensitive information poses a significant risk to national security, particularly concerning military members. 

The Duke University study reveals that, despite some data brokers taking measures to safeguard this data, a concerning lack of security measures exists in the system.

A Disturbing Experiment

To understand the gravity of the situation, the Duke University research team approached a dozen data brokers in the United States to procure information about military personnel and veterans. 

Their findings exposed inconsistent methods used by brokers to verify customer identities and a need for robust regulatory oversight by the US government.

Time to Leave The Earth and Go to Mars!

The researchers acquired sensitive military information for as little as $0.12 per record when buying in bulk, dropping prices to just $0.01 per individual for larger purchases. The ease with which this data could be obtained is deeply concerning.

Foreign Threat Actors’ Interest

The Duke researchers emphasized that foreign governments have historically shown a strong interest in acquiring data about American individuals and organizations, often for espionage, election interference, and other covert operations. 

Their focus on the US military, driven by its high-stakes nature, heightens the risk.

Recommendations for Safeguarding National Security

Is Our Security Worth a Penny?

The findings have come as an alarm! Data brokers are the people we trust for our confidential data, and if they are not keeping it safe, then no one can do so. 

The country’s stability is in the hands of its military, and if such data leaks are expected at a dime, this situation is something to stop and think about for a moment.

What would you do? Sit and watch? It is the time to act together for our safety and national interest.