OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
[Dataloss] Data Exfiltration: How Data Gets Out

From: security curmudgeon (jerichoattrition.org)
Date: Tue Mar 16 2010 - 13:29:01 CDT


http://www.csoonline.com/article/570813/Data_Exfiltration_How_Data_Gets_Out?page=1

Data Exfiltration: How Data Gets Out
Most attention goes to keeping hackers out. But once they're inside, how
do they extract data from your organization? Research from Trustwave's
SpiderLabs shows the answer is often surprisingly simple.
By Nicholas J. Percoco, SpiderLabs

  March 12, 2010 . CSO .

Cyber criminals are increasingly becoming more sophisticated in their
methods of attack. Often we can equate this to the methods of data
exfiltration as well. Exfiltration, or exportation, of data is usually
accomplished by copying the data from the system via a network channel,
although removable media or physical theft can also be utilized.

In 2009, the SpiderLabs team at Trustwave investigated over 200 data
breaches in 24 different countries. While the methods used by cyber
criminals to exfiltrate data from a compromised environment varied, the
method of entry into an environment was often via the remote access
application being utilized by the target organization. In the SpiderLabs
investigations, 45 percent of compromises occurred by attackers gaining
access to a system through a remote access application. These were not
zero-day exploits or complex application flaws, and the attacks looked no
different to the IT staff than, for example, the CEO connecting from
London while on a business trip. The attackers also didn't need to
brute-force the accounts they used. SpiderLabs found that 90% of these
attacks were successful because of vendor-default or easily guessed
passwords, like "temp:temp" or "admin:nimda."

[..]
_______________________________________________
Dataloss Mailing List (datalossdatalossdb.org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php