pointer

Category Archives: Network Security

The Worst Cyber Attacks and Data Breaches of 2014

Compiling a list of the most crippling cyber-attacks and data breaches of 2014 is a real eye-opener. Regardless of the size or industry, no business is completely immune from these vulnerabilities. As such, these criminal acts are important to publicize because they highlight a larger point about the importance of cyber security. In many ways, 2014 was the year that businesses—and the public at large—finally realized just how vulnerable they are to malicious attacks. Here are five incidents that opened eyes:

1.  JPMorgan

Hackers who perpetrated the cyber attack on JPMorgan compromised information from 76 million households and 7 million businesses. Although the financial services company says there is no evidence that personal account information or passwords were stolen, a New York Times report stated the hackers “drilled deep into the bank’s vast computer systems, reaching more than 90 servers.” This incident was particularly troubling because banks were previously considered relatively secure against hacks.

2.  Target

Although the Target data breach technically occurred during the 2013 holiday season, the company and its customers felt the ramifications well into this year. In fact, the incident eroded customers’ trust and hurt Target financially to the point that former CEO Gregg Steinhafel eventually resigned. Perhaps most disturbing about this attack was that Target received security alerts about the malware hackers were uploading into the system but ignored these notifications because they were difficult to verify.

3. eBay

The e-commerce giant was compromised sometime in February or March, as hackers were able to steal employee credentials and steal somewhere in the neighborhood of 145 million user passwords. Unfortunately the year only got worse from there, as the company was hacked again in September, this time so thoroughly that some links on the site actually directed users to spoof pages setup by criminals to look like eBay pages and trick customers into unwittingly handing over personal information.

4Home Depot

In what can only be termed an unmitigated disaster, the home improvement giant had malware running on its systems for five months before the problem was detected. Criminals made off with 56 million credit card numbers, gathering the information from self-checkout lanes at the store’s brick-and-mortar locations. In an effort to improve its public image, Home Depot offered free identity protection services for victims and is still trying to untangle all the details of the incident to get a clearer picture of what happened.

5. P.F. Chang’s China Bistro

The restaurant chain was compromised at 33 of its locations as hackers stole customer information from credit and debit cards. Amazingly, the intrusion went undetected from October of 2013 until June of this year before the Secret Service made the company aware that it had been breached.

Will 2015 Be Better?

Although hackers are always developing new techniques, businesses can drastically reduce the risk of an intrusion and make it easier to spot attacks as they happen by deploying network monitoring and cyber security solutions. For more information about how WildPackets helps protect organizations against criminals, download our white paper, “Real World Security Investigations With Network Forensics.”

Security Series Part 5: Are you Monitoring Your Employees Too?

Network security is everyone’s responsibility.

Many organizations task specific departments with implementing and monitoring security protocols. Much of the time, these efforts are focused on customer interactions, being that any compromising of client data (especially during the sales and service process) makes for terrible publicity and is the quickest way to ruin a customer relationship.

However, with the mobility and frenetic pace of today’s marketplace, it is just as important to develop and implement comprehensive internal security protocols and solutions.

An area of company communications that is especially vulnerable is WLAN. Because it uses radio transmissions, these exchanges are inherently more difficult to secure than wired LANs and are more prone to being intercepted. So, a key for modern businesses is ensuring that all employees are following security protocols to the letter. That’s what makes solutions like WildPackets’ OmniPeek so powerful and appealing.

OmniPeek is a wireless network analyzer and software console that offers an intuitive, easy-to-use graphical interface that allows rapid data analysis and troubleshooting on enterprise networks.  

A few of the key features include:

  • Deep packet inspection
  • Comprehensive 802.11 analysis, including 802.11ac
  • Complete VoIP monitoring and analysis
  • Application performance monitoring

For a quick look at OmniPeek in use, view the video below

With so many tools in one affordable offering, a wireless network analyzer like OmniPeek allows businesses to keep an eye on their security at all times. For that kind of feature richness and peace of mind, many business owners would pay a small fortune. But that’s arguably OmniPeek’s best attribute: you get all of these game-changing features for an affordable price.

Security Series Part 3: Improved Network Forensic Performance Bolsters Security Posture

Data breaches are constantly occurring in organizations of all sizes and industries. As such, you should assume that you’re under attack, or that one is forthcoming, and plan accordingly with network forensics tools. These tools must be able to capture, store, and analyze all network incidents going across the wire and replay them as needed. When a data breach occurs, these devices are invaluable.

An effective network forensics solution gives IT organizations and security teams a complete record and analysis of network activity over hours or days. When security tools raise alerts, IT organizations can use the network forensics tools to analyze traffic and find proof that an attack has actually taken place.

Common use cases for forensics include: 1) Confirming whether an incident was a false positive or real 2) Finding proof of a security attack 3) Identifying the source of data leaks 4) Monitoring user activity for IT/HR compliance and 5) Verifying business transactions.

Earlier this week, WildPackets announced the release of Omni 8.0 which accepts  time stamping from network packet brokers such as APCON, Gigamon, and Ixia. In addition, Omni 8.0 offers greatly improved forensics performance by up to 64%! Along with our record breaking capture- Continue reading