Clare Ward writes:
Once again, Verizon has opened the doors on the reality of a data breach with the launch of the Verizon 2018 Data Breach Digest (DBD) series, enabling businesses to read undisclosed stories from the company’s cyber-investigative vault.
The Data Breach Digest series puts cybercrime in context, outlining the (anonymized) specifics of data breaches and cybersecurity incidents for cyber defenders across all businesses to benefit from Verizon’s insights.
Cybercrime victims often believe they are the victim of an isolated attack; however, in reality this is not the case – thousands of companies experience data breaches or cybersecurity incidents every month. Unfortunately, most breaches are never publicly disclosed, preventing others from learning from the facts. This plays to the advantage of cybercriminals, enabling them to reuse successful breach tactics time and time again on new, unsuspecting organizations.
By opening up Verizon’s cybercrime files via the Data Breach Digest scenarios, we are offering a panoramic insider’s view of the cyber threat activities in an effort to share what we have seen with other organizations around the global. Our hope is that we can learn together – and in doing so, better equip ourselves in the fight against cybercrime.
Read more on Verizon. As of today, here are the stories available, as described by Verizon:
- Credential Theft – the Monster Cache: Credential theft is an increasingly common target for cybercriminals, but is actually relatively easy to prevent. This story outlines how the development of cyberattack models, which outline threat actor goals, capabilities, and methods were combined with organization profiling to help organizations protect themselves against attack. This case demonstrates how an awareness of an attack vector common to the target’s specific industry could have prevented a major data breach.
- Insider Threat – the Card Shark: For this case, Verizon experts conducted a Payment Card Industry (PCI) forensic investigation on unauthorized ATM withdrawals. What they found was a network and physical security structure flawed from start to finish. This case walks readers through the investigation to see the many process and policy challenges that enabled this attack.
- Crypto-Jacking Malware – the Peeled Onion: Sometimes attackers care less about proprietary information and more about processing power. This incident demonstrated how a strong firewall can be undone with missed security patches, turning a client’s system into a stealthy cryptocurrency miner.
- Third-Party Palooza – the Minus Touch: Digital forensics starts with the data – but what if there’s no data to be found? A blank hard drive and an uncooperative co-location data center starts the Verizon team on a hunt for the what/where – and what was done with it!