Today, highly targeted, low profile network breaches are on the rise. Designed for economic gain, the consequences of these attacks are growing increasingly dire. In the last few months alone there have been not one, but two high profile hacks: Target and eBay. While the fallout from the eBay attack is still uncertain, the after effects of the Target attack were far reaching and long term.
A BloombergBusinessweek story on the Target breach indicates that Target received alerts about malware being uploaded to some of its systems. However, these alerts were ignored. Often these types of alerts are ignored because verification is difficult. But as we saw with Target – ignoring alerts is a risky move.
Network forensics makes it extremely easy to verify any security alert. In the case of Target, a simple forensics search on recorded network traffic over a specific period of time and including specific IP addresses, would have verified activity quickly and easily. Verification of the malware alert would have given Target the information needed to take action and prevent further spread of the malware, and prevent any data leakage at all. With network forensics you can verify alerts and identify the depth of the breach – all with a few simple clicks the instant an alert is received.
Stories about the eBay attack pointed to the fact that eBay used forensics to track the breach back to its origins and identify exactly what had been stolen. While we do not know what type of forensics they used, we know that packet-based forensics would provide 100 percent clarity regarding what was stolen, when it was stolen, and what methods were used once the hackers were logged in.
In our May 28 webinar, “Your Insurance Policy for Network Breaches” you’ll learn:
- how network forensics—network recording along with powerful search and analysis tools—can enable your in-house security team to track down, verify, and characterize attacks
- what is required for effective forensics on today’s 10G and 40G networks
- best practices for configuring captures to help you and your team pinpoint and remediate anomalous behavior that could signal an attack.
RSVP to this complimentary webinar to learn more about your network breach insurance policy: network forensics.