Tag Archives: network forensics

WildPackets Launches 2nd Annual Trends in Network Forensics Survey

According to the Center for Strategic & International Studies, cybercrime costs $375-$575 billion annually and last year caused a net loss of up to 200,000 jobs in the U.S. alone. Data breaches not only damage company performance and integrity, but also impair commerce, competitiveness, innovation and a nation’s overall business growth.

With network forensics (the comprehensive, high-speed capture and analysis of network traffic), IT organizations and in-house security teams gain access to in-depth analysis of network traffic. Security teams can use network forensics to more quickly investigate and stop security attacks by acting on hard evidence about who, what, where, and when.

In February 2014, WildPackets surveyed more than 250 network engineers and IT professionals to better understand the availability and use of network forensics solutions in the enterprise. The survey, Trends in Network Forensics, revealed how many organizations have a network forensics solution in place, how organizations are using those solutions, and what benefits the solutions provide.

A year has passed, and thanks to a series of highly publicized data breaches, including the Target and Anthem breaches, security is on IT organizations’ minds more than ever.

This month, WildPackets is kicking off the second annual network forensics survey to better understand how enterprises are using network forensics for security investigations and other IT operations. You can help shape the direction of network forensics in 2015 by participating in our survey. As a thank you, you will automatically have a chance to win a $100 Amazon gift card.

This short survey takes less than 5 minutes to complete. All data is completely anonymous. In order to get accurate results, we need a large sample of respondents across the community. The survey will be running through the month of February, so don’t wait!

Survey URL: http://svy.mk/1zXwsou

Point-of-Sale Malware Hits Black Market

During last year’s holiday season, Target was the victim of a massive data breach that turned out to be just the first in a long line of malicious intrusions among corporations. The Target breach was perpetrated using malware that tapped into and scanned computers connected to point-of-sale systems that process credit card payments.

Now, it seems, the same kind of point-of-sale malware used in the Target breach and a number of other attacks this past year is available in underground markets for as little as $2,000. Unfortunately for businesses that maintain large quantities of customer data, that availability means all cybercriminals—even those without the skills to develop and execute a sophisticated attack themselves—are a threat to network security.

The simple reality for contemporary businesses is that they must be prepared for attempted intrusions because they will be hit with multiple attacks. In fact, in the US, at least one business is attacked every hour. Network monitoring solutions that include network forensics capabilities give IT engineers the visibility they need to ferret out these attacks and take decisive action. The four pillars of a complete cyber attack analysis solution are:

  • Network Recording – capturing network traffic from 1G, 10G and 40G networks around the clock for forensic analysis
  • Searching and Inspection – enabling administrators and security experts to comb through archived traffic for anomalies and signs of security events
  • Trend Analysis and Baselining – characterizing network and application usage so that anomalies can be detected more quickly
  • Reporting – capturing data and distilling analysis into reports so that security and IT experts can log the results of their investigations and review network vulnerabilities in post-mortem analysis

With more malicious weapons available to cybercriminals, businesses need advanced tools that help them meet network security challenges. So, is your organization prepared for these threats? If you’d like to learn more about how to upgrade your security, read our white paper, “Network Forensics 101: Finding the Needle in the Haystack.”

The Worst Cyber Attacks and Data Breaches of 2014

Compiling a list of the most crippling cyber attacks and data breaches of 2014 is a real eye-opener. Regardless of size or industry, no business is completely immune from these vulnerabilities. As such, these criminal acts are important to publicize because they highlight a larger point about the importance of cyber security. In many ways, 2014 was the year that businesses—and the public at large—finally realized just how vulnerable they are to malicious attacks. Here are five incidents that opened eyes:

1. JPMorgan

Hackers who perpetrated the cyber attack on JPMorgan compromised information from 76 million households and 7 million businesses. Although the financial services company says there is no evidence that personal account information or passwords were stolen, a New York Times report stated the hackers “drilled deep into the bank’s vast computer systems, reaching more than 90 servers.” This incident was particularly troubling because banks were previously considered relatively secure against hacks.

2. Target

Although the Target data breach technically occurred during the 2013 holiday season, the company and its customers felt the ramifications well into this year. In fact, the incident eroded customers’ trust and hurt Target financially to the point that former CEO Gregg Steinhafel eventually resigned. Perhaps most disturbing about this attack was that Target received security alerts about the malware hackers were uploading into the system but ignored these notifications because they were difficult to verify.

3. eBay

The e-commerce giant was compromised sometime in February or March, as hackers were able to steal employee credentials and take somewhere in the neighborhood of 145 million user passwords. Unfortunately, the year only got worse from there, as the company was hacked again in September, this time so thoroughly that some links on the site actually directed users to spoof pages set up by criminals to look like eBay pages and trick customers into unwittingly handing over personal information.

4. Home Depot

In what can only be termed an unmitigated disaster, the home improvement giant had malware running on its systems for five months before the problem was detected. Criminals made off with 56 million credit card numbers, gathering the information from self-checkout lanes at the store’s brick-and-mortar locations. In an effort to improve its public image, Home Depot offered free identity protection services for victims and is still trying to untangle all the details of the incident to get a clearer picture of what happened.

5. P.F. Chang’s China Bistro

The restaurant chain was compromised at 33 of its locations as hackers stole customer information from credit and debit cards. Amazingly, the intrusion went undetected from October of 2013 until June of this year before the Secret Service made the company aware that it had been breached.

Will 2015 Be Better?

Although hackers are always developing new techniques, businesses can drastically reduce the risk of an intrusion and make it easier to spot attacks as they happen by deploying network monitoring and cyber security solutions. For more information about how WildPackets helps protect organizations against criminals, download our white paper, “Real World Security Investigations With Network Forensics.”