The largest financial cyber-hacking in the history of cyber hacking was exposed this week during the charging of individuals in the USA.
These individuals (three of them, a nice prime number) used legitimate trading accounts registered to one of them (not so clever) to access the details of 100 million people – That’s right 100 million individuals. And then used these details to swing the prices of shares which in turn they shorted to make a profit.
There is a really good BBC article about the detail here.
The interesting thing about this is the link between exploit and scale. The FBI investigator on the case described the crime like this:
“The charged crimes showcase a brave new world of hacking for profit,” said Preet Bharara the lead prosecutor on the case.
“It is no longer hacking merely for a quick payout, but hacking to support a diversified criminal conglomerate”.
This is, or should be a monster wake up call to all users of the Internet. The trick here is that the victims identities, presumably just email addresses were exploited probably by some kind of phishing email. Just the 100 Million people. No biggy.
Relatively new as compared to locks, safes and vaults, Internet business will always be vulnerable to increasingly complex and ingenious attack. Last week’s blog about the beauty and elegance of CryptoWall, now at a terrifying version 4 points this out.
The time has come to shift our paradigm from ‘the how ‘to ‘the why’.
We must assume that attack is inevitable. We must identify our Crown Jewels and not only protect them but understand what we would do should our defences be breached.
Being aware of your details being exposed on the so-called ‘Dark Web’ is becoming an essential tool in the security stack. ITC has a number of tools integrated into our NetSure360° Managed Security Solution. It is really important to get a grip on the gossip and chatter before it’s too late.
Threat Intelligence is moving from luxury to commodity for all of these reasons and you should take some time to think about it.
If you would like to know more about this, Valentino Rossi’s disgraceful treatment or any security related issue, do contact us on: 020 7517 3900 or email firstname.lastname@example.org.