007
02
_ THREATS TO YOUR ORGANIZATION
Global Payments Inc.
A global payment processing company was hacked
in June 2012. Over 1.5 million payment card
details were stolen.
Clarksville Tennessee U.S.
In June 2012 hackers broke into the Clarksville-
Montgomery County School System and stole
names, Social Security numbers and other personal
data of approximately 110,000 people. The hackers
used information that employees and students
posted online to gain access into the system
10
.
Serco Thrift Savings Plan
In May 2012, a computer attack against Serco Inc.
in the U.S. resulted in an information breach of
123,000 federal employees’ information.
University of Nebraska
suffered a data breach
on its Student Information Systems database. This
led to the theft of over 650,000 files containing
personal data of students, alumni, parents and
university employees.
U.S. Utah Dept. of Technology Services
In March 2012, 780,000 patient files relating to
Medicaid health program claims were stolen from
a server by hackers believed to be operating from
Eastern Europe.
United Kingdom‘s National Health Service
Between July 2011 and July 2012, the United
Kingdom’s National Health Service experienced
several data breaches that exposed nearly 1.8
million patient records
11
.
DATA-BREACH INCIDENTS
IN 2012
even more nodes. After reaching the target, the attacker
can further exploit the infected host to collect data or
cause damage remotely while remaining undisclosed
indefinitely.
Botnets are Here to Stay
One of the most significant network security threats that
organizations face today are botnets. A bot is a malicious
software that invades and infects a host computer to allow
cybercriminals to control it remotely. The infected host
can execute illegal activities such as stealing data, spreading
spam, distributing malware and participating in Denial of
Service (DoS) attacks. The owner of the infected computer
can be completely unaware of these activities. Bots also play
a key role in targeted APT attacks.
In APT attacks, the typical first action is to perform
reconnaissance to gather intelligence on the target’s
system. Then attackers make an initial intrusion into the
target’s network to open a back door which allows them
to persistently remain in the network. This is usually
accomplished by infecting a host with a bot which
allows the attacker to communicate with the infected
host without being detected. The attacker then strives
to gain further access into the network and compromise
BOT TOOLKITS ARE SOLD
ONLINE FOR $500, THEIR
DAMAGES COST BUSINESSES
MILLIONS OF DOLLARS
Numerous data-breach incidents took place in 2012. The result was that vast amounts of data stored on
corporate servers such as credit card and personal information of customers, students and patients was
compromised. These damaging assaults share the common goal of acquiring confidential information.
The following list presents several examples.
