BreachExchange mailing list archives
Data Exfiltration: How Data Gets Out
From: security curmudgeon <jericho () attrition org>
Date: Tue, 16 Mar 2010 18:29:01 +0000 (UTC)
http://www.csoonline.com/article/570813/Data_Exfiltration_How_Data_Gets_Out?page=1 Data Exfiltration: How Data Gets Out Most attention goes to keeping hackers out. But once they're inside, how do they extract data from your organization? Research from Trustwave's SpiderLabs shows the answer is often surprisingly simple. By Nicholas J. Percoco, SpiderLabs March 12, 2010 . CSO . Cyber criminals are increasingly becoming more sophisticated in their methods of attack. Often we can equate this to the methods of data exfiltration as well. Exfiltration, or exportation, of data is usually accomplished by copying the data from the system via a network channel, although removable media or physical theft can also be utilized. In 2009, the SpiderLabs team at Trustwave investigated over 200 data breaches in 24 different countries. While the methods used by cyber criminals to exfiltrate data from a compromised environment varied, the method of entry into an environment was often via the remote access application being utilized by the target organization. In the SpiderLabs investigations, 45 percent of compromises occurred by attackers gaining access to a system through a remote access application. These were not zero-day exploits or complex application flaws, and the attacks looked no different to the IT staff than, for example, the CEO connecting from London while on a business trip. The attackers also didn't need to brute-force the accounts they used. SpiderLabs found that 90% of these attacks were successful because of vendor-default or easily guessed passwords, like "temp:temp" or "admin:nimda." [..] _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- Data Exfiltration: How Data Gets Out security curmudgeon (Mar 17)