An NSA official has revealed that a government-backed hacking group tried to breach the Department of Defense via the same software vulnerability that was used against Equifax, less than 24 hours after the exploit became public knowledge.
David Hogue, a senior technical director for the NSA’s Cybersecurity Threat Operations Center, says that this shows how most attackers, regardless of skill or available resources, will first rely on simplistic and easily accessible methods to compromise their victims. In this case, the exploit took advantage of a known vulnerability in the Apache Struts software framework, which Equifax went months without fixing.
Hogue says that “zero-day” vulnerabilities are uncommon problem for the NSA. “The majority of incidents we see are a result of hardware and software updates that are not applying.” Most data breach incidents that are analyzed by his team are caused by phishing emails or unpatched vulnerable systems.