The Hard Cold Truth – Somebody Else’s Breach Could Become Your Problem

May 22, 2014

Did you read yesterday’s article in The New York Times about eBay’s breach? The piece stated that “Security experts warned that stolen information would make eBay customers easy targets for phishing attacks…” And then this morning, Businessweek reported that eBay assured users and stockholders that hackers gained no credit card numbers or other financial information. Businessweek also reported that the attackers gained access to a computer database that held the names, email addresses, street addresses, phone numbers and dates of birth of eBay users.

What did both articles fail to mention? This breach could potentially mean trouble for your organization.

How?

According to The New York Times, hackers gained access to the personal data of 145 million customers. That’s a lot of people. The large majority of those people work somewhere. Maybe they work for your company? If so, and if one of them is successfully phished – via corporate OR personal email address – and uses a corporate laptop to visit a site that successfully executes code on it, anywhere that laptop goes is potentially at risk. Lots of bad stuff can happen from simply getting an email address.

Here’s how it could go down:

•  Attacker sends a phishing email to target.
•  Target takes the bait and clicks on a link.
•  Attacker gets remote execution – the computer opens a port and sends the attacker a way to interact directly with your system.
•  Attacker has bypassed firewalls, routers – you name the technology – and is inside your network.
•  Attacker can now see what other computers are out there, get a stronger foothold, look to escalate privileges and meet his objectives (securing credit card data, competitive information, etc.).

Your job is to stop the consequences of a successful phish, which tend to be malware proliferation in the environment with a goal of data exfiltration. Let’s be honest – at some point a system on your network is going to get infected. There’s no silver bullet that will enable you to avoid infection. But proper network segmentation can help you drastically limit the infection rate. Here’s an example: if I’m in HR and there’s proper segmentation and I only have access to two servers and the Internet, the infection rate is limited to the level of access that I have. Network segmentation is really the difference between providing an attacker with limited access to systems and data, or giving them the ability to catapult across your moat, dragon and guards, right into your castle.

The truth is that most companies do a terrible job with segmentation, or just plain ignore the concept altogether. That’s because it’s often a complete pain to figure out what type of segmentation is logical and appropriate. However, it’s important enough that we strongly recommend it in every single assessment we do.
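An added example (not from the original post) that models the HR scenario above: it compares how far an infection starting on one HR laptop could spread on a flat network versus a segmented one, following allowed flows transitively so that access granted to the servers counts too. All host names, segment names and rules are constructed for illustration.

```python
from collections import deque

# Constructed sample environment: every host, segment and rule is hypothetical.
HOSTS = {
    "hr-laptop": "hr", "hr-files": "hr-servers", "hr-payroll": "hr-servers",
    "eng-build": "engineering", "pos-db": "cardholder-data", "dc01": "identity",
}
SEGMENTS = set(HOSTS.values())

# Policy = allowed flows, source segment -> destination segments.
# Flat network: every segment may talk to every other segment.
FLAT = {seg: set(SEGMENTS) for seg in SEGMENTS}
# Segmented: HR reaches only its two servers and the Internet.
SEGMENTED = {
    "hr": {"hr-servers", "internet"},
    "hr-servers": {"identity"},          # servers still authenticate to the DC
    "engineering": {"identity", "internet"},
}

def direct_access(policy, start):
    """Hosts the start host may contact in a single hop."""
    allowed = policy.get(HOSTS[start], set()) | {HOSTS[start]}
    return {h for h, seg in HOSTS.items() if seg in allowed and h != start}

def blast_radius(policy, start):
    """Hosts an infection could eventually reach, hopping through allowed flows."""
    seen = {HOSTS[start]}
    queue = deque(seen)
    while queue:
        for dst in policy.get(queue.popleft(), ()):
            if dst not in seen:
                seen.add(dst)
                queue.append(dst)
    return {h for h, seg in HOSTS.items() if seg in seen and h != start}

if __name__ == "__main__":
    for name, policy in (("flat", FLAT), ("segmented", SEGMENTED)):
        print(f"{name:10} direct={sorted(direct_access(policy, 'hr-laptop'))}")
        print(f"{name:10} worst case={sorted(blast_radius(policy, 'hr-laptop'))}")
```

The gap between the direct and worst-case sets on the segmented policy is the part worth reviewing: the laptop sees two servers, but whatever those servers are allowed to reach is still within range of a spreading infection.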

Do you have a process set up for proper notification and issue handling? If there is a large phishing attack on your organization and an employee calls the help desk, will they know what to research and how to prevent access? Can they assess what actually happened and whether the network is now at risk? Being prepared makes a huge difference in how an attack impacts your organization.
