Today, WildPackets is introducing a five-part series on security initiatives as they relate to network monitoring, analysis, and forensics. As part 1 of the series, we’d like to give you a feel for the seemingly non-stop security attacks hitting companies regardless of size, industry or prominence.
Most of us remember the massive 2013 holiday Target security breach, which served as a rude awakening to the general public. Retailers have been unable to stop a seemingly continuous onslaught of network intrusions, and nearly half of the American population has now been affected by these crimes, according to researchers at the Ponemon Institute. In the past couple of months alone, the market has been hit with additional high-profile hacks, including eBay and P.F. Chang’s.
The online auction site revealed in May that hackers broke into a database containing user information such as names, passwords, email addresses, physical addresses, phone numbers and birth dates. While eBay claims that its encrypted passwords are nearly impossible to decode, the company notified its customers to reset their passwords as an extra precaution.
The company states that it has not experienced any increase in fraudulent activity yet, but the potential danger may come through the release of the compromised personal information.
This month, P.F. Chang’s China Bistro confirmed that it is investigating a potential security breach that may have led to the theft of customer credit card information. In early June, thousands of newly stolen credit and debit cards were discovered on Rescator, an illicit site that became notorious for selling payment information in the Target security disaster. The recent release of information represented the first large-scale appearance of data from stolen credit cards since March, when information from 282,000 cards was tied to a possible breach at Sally Beauty.
Several banks reported that this new Rescator cluster included cards that were previously issued to customers, and all had been used at P.F. Chang’s locations in spring 2014. As of yet, P.F. Chang’s has not tied fraudulent activity on customers’ credit cards to the possible breach.
If the breach is confirmed, P.F. Chang’s will be the fifth major retail chain to acknowledge that its network infrastructure was recently compromised. In these cases, criminals installed malware on retailers’ systems, which fed customers’ payment details back to the criminals’ servers.
To protect themselves and their customers, these major retailers—and any other network-reliant businesses—need to consider adopting a network forensics capability to easily verify malware security threats. For instance, a simple forensics search on recorded network traffic, limited to a specific period of time and specific IP addresses, would have verified the criminal activity on Target’s network and allowed the company to take immediate action, preventing further data leakage.
Using forensics, engineers can quickly ascertain the depth and specific location of a network breach. Sophisticated alerts and notifications can also be configured to ensure only viable threats set off a warning, severely limiting the possibility of false alarms.
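The kind of search described above (recorded traffic, a time window, specific IP addresses) can be sketched as follows. This is an added example, not WildPackets' product or code; the CSV flow layout, the addresses, and the function names are assumptions made for illustration.

```python
import csv
import io
from datetime import datetime
from ipaddress import ip_address, ip_network

# Constructed sample of recorded flow metadata (not real capture data).
# Columns: start time (UTC), source, destination, destination port, bytes sent.
SAMPLE_FLOWS = """\
2014-06-01T02:10:00,10.1.5.20,203.0.113.45,443,1200
2014-06-01T02:15:00,10.1.5.20,203.0.113.45,443,880000
2014-06-01T09:00:00,10.1.7.31,198.51.100.9,80,5400
2014-06-02T02:12:00,10.1.5.21,203.0.113.45,443,910000
2014-06-02T03:00:00,203.0.113.45,10.1.5.20,51515,300
2014-06-09T02:11:00,10.1.5.20,203.0.113.45,443,700000
"""

def parse_flows(text):
    """Turn CSV flow lines into (time, src, dst, port, bytes) tuples."""
    for ts, src, dst, port, nbytes in csv.reader(io.StringIO(text)):
        yield (datetime.fromisoformat(ts), ip_address(src), ip_address(dst),
               int(port), int(nbytes))

def forensic_search(flows, start, end, suspect_nets):
    """Summarise traffic in [start, end) between local hosts and suspect networks."""
    nets = [ip_network(n) for n in suspect_nets]
    def hit(ip):
        return any(ip in n for n in nets)
    summary = {}
    for ts, src, dst, _port, nbytes in flows:
        if not (start <= ts < end):
            continue
        if hit(dst) and not hit(src):      # local host sending to a suspect address
            key, direction = (str(src), str(dst)), "bytes_out"
        elif hit(src) and not hit(dst):    # suspect address talking back to a local host
            key, direction = (str(dst), str(src)), "bytes_in"
        else:
            continue
        row = summary.setdefault(key, {"flows": 0, "bytes_out": 0, "bytes_in": 0,
                                       "first": ts, "last": ts})
        row["flows"] += 1
        row[direction] += nbytes
        row["first"], row["last"] = min(row["first"], ts), max(row["last"], ts)
    return summary

if __name__ == "__main__":
    window = (datetime(2014, 6, 1), datetime(2014, 6, 3))
    for pair, row in forensic_search(parse_flows(SAMPLE_FLOWS), *window,
                                     ["203.0.113.45/32"]).items():
        print(pair, row)
```

The result lists each internal host that exchanged traffic with the suspect addresses, with byte counts and first and last contact times, which is what scopes the depth and location of a breach.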
P.F. Chang’s and eBay represent just the latest major data breaches compromising people’s digital lives. In April, AOL announced hackers stole “a significant number” of its 120 million users’ email addresses, passwords, contact lists and more. The list of security crimes is growing, and the requirements necessary to prevent hacking are escalating for businesses.