Tag Archives: malicious hacking

Point-of-Sale Malware Hits Black Market

During last year’s holiday season, Target was the victim of a massive data breach that turned out to be just the first in a long line of malicious intrusions among corporations. The Target breach was perpetrated using malware that tapped into and scanned computers connected to point-of-sale systems that process credit card payments.

Now, it seems, the same kind of point-of-sale malware used in the Target breach and a number of other attacks this past year is available in underground markets for as little as $2,000. Unfortunately for businesses that maintain large quantities of customer data, that availability means all cybercriminals—even those without the skills to develop and execute a sophisticated attack themselves—are a threat to network security.

The simple reality for contemporary businesses is that they must be prepared for attempted intrusions because they will be hit with multiple attacks. In fact, in the US, at least one business is attacked every hour. Network monitoring solutions that include network forensics capabilities give IT engineers the visibility they need to ferret out these attacks and take decisive action. The four pillars of a complete cyber attack analysis solution are:

  • Network Recording – capturing network traffic from 1G, 10G and 40G networks around the clock for forensic analysis
  • Searching and Inspection – enabling administrators and security experts to comb through archived traffic for anomalies and signs of security events
  • Trend Analysis and Baselining – characterizing network and application usage so that anomalies can be detected more quickly
  • Reporting – capturing data and distilling analysis into reports so that security and IT experts can log the results of their investigations and review network vulnerabilities in post-mortem analysis

With more malicious weapons available to cybercriminals, businesses need advanced tools that help them meet network security challenges. So, is your organization prepared for these threats? If you’d like to learn more about how to upgrade your security, click here to read our white paper, “Network Forensics 101: Finding the Needle in the Haystack.”

Cyber Security Tops Boardroom Concerns

The findings from FTI Consulting’s recently released “Law in the Boardroom” survey of directors and general counsels are predictable but unsettling nonetheless. When asked what issues keep them up nights, respondents—all from the legal profession—cited data security more than any other concern.

In truth, it’s hard to imagine how network breaches and data theft wouldn’t be at the top of anybody’s list of corporate nightmares. The damages from such incidents are escalating and the incidents themselves are happening with greater frequency. Many companies are struggling to find solutions to this threat.

For instance, following a string of retailer breaches during the past year, the medical community was hit recently when Community Health Systems (CHS)—one of the nation’s largest operators of general acute care hospitals—lost HIPAA-protected information for approximately 4.5 million patients to hackers. On Monday, Aug. 18, the organization filed papers with the SEC saying that the intruding group—which CHS believes is based in China—“used highly sophisticated malware and technology to attack the company’s systems” and “was able to bypass the company’s security measures and successfully copy and transfer certain data outside the company.”

Considering the potential fines, the cost of providing credit monitoring to those affected and the public embarrassment, CHS has a huge mess on its hands. Patients who had records stolen are now at increased risk of identity theft; additionally, they have suffered a major invasion of privacy.

What these crippling breaches continue to make clear is that network monitoring and forensics solutions are now essential to information security. Unfortunately, with hackers being trained all over the world, information theft and breach attempts are going to continue. The only question is how prepared your company will be to offset these risks.

View our upcoming webinar Security Attack Analysis – Finding and Stopping Network Attacks to learn more.

Lawful Interception: Friend or Foe?

At the end of August, Isa Saharkhiz filed a lawsuit against Nokia Siemens Networks for human rights abuses. Apparently, the Iranian journalist and activist (before going into hiding in northern Iran) wrote an article that criticized Mahmoud Ahmadinejad’s presidential election victory. Saharkhiz was later tracked down by security forces, arrested and beaten for more than a year, which he says was the direct result of mobile telephone intercepts and monitoring. Saharkhiz is now demanding that wireless communications systems based on global technology standards be sold without monitoring or tracking capabilities.

This controversial practice, better known as lawful interception (LI), is the surveillance of circuit and packet-mode communications by law enforcement agencies authorized by judicial or administrative order. It wasn’t long ago (2006) that then-President George W. Bush signed an updated version of the Patriot Act, which further increased intelligence agencies’ ability to share information and loosened prior restrictions on communications surveillance. LI made headlines at the beginning of 2010 with the Google and China debacle, where Google was the victim of malicious hackings conducted with the approval of Chinese government agencies.

With respect to the Saharkhiz lawsuit, he argues that Nokia provided equipment with foresight of how Iranian authorities might use it to violate human rights. According to Saharkhiz, it is a corporation’s responsibility to adhere to global human rights norms and if they don’t they should face legal as well as social accountability.

Nokia stresses that mobile communications and the open and dynamic structure of the public Internet present vulnerabilities that need to be watched. Monitoring can play an instrumental role in gathering intelligence data needed to restrain terrorism and track other threats to people, assets and information. Furthermore, Nokia says it is unrealistic to demand, as Saharkhiz does, that wireless communications systems based on global technology standards be sold without that capability.

Should Nokia be held accountable for the way Iran’s government approached the issue? Is handing over real-time forensic evidence via LI unacceptable? Whatever the outcome of the lawsuit, LI reports have had an excellent record of standing up in court as compelling, admissible evidence. One thing is for sure: LI techniques have come a long way and are still undergoing radical transformations to cope with the dynamic changes in both communications and networks.