007
02
_ THREATS TO YOUR ORGANIZATION
Global Payments Inc.
A global payments processing company, was
hacked in June 2012. Over 1.5 million payment
card details were stolen.
Clarksville Tennessee U.S.
In June 2012 hackers broke into the Clarksville-
Montgomery County School System and stole the
names, Social Security numbers, and other personal
data of about 110,000 people. The hackers used
information that employees and students posted
online to gain access into the system
10
.
Serco Thrift Savings Plan
In May 2012, a computer attack against Serco
in the U.S., resulted in an information breach of
123,000 federal employees’ information.
University of Nebraska
suffered a data breach
that led to the theft of over 650,000 files of
personal data related to students, alumni, parents
and university employees from the Nebraska
Student Information Systems database.
U.S. Utah Dept. of Technology Services
In March 2012, 780,000 patient files related to
Medicaid health program claims were stolen from
a server by hackers believed to be operating out of
Eastern Europe.
United Kingdom‘s National Health Service
Between July 2011 and July 2012, the United
Kingdom‘s National Health Service experienced
several data breaches that exposed nearly 1.8
million patient records
11
.
DATA-BREACH INCIDENTS
IN 2012
even more nodes. After this step the attacker has
reached his target, he can now exploit the infected
hosts to collect data or cause the intended damage
remotely while maintaining persistence and under
the radar for the long term.
Botnets are Here to Stay
One of the most significant network security threats
that organizations are facing today are botnets. A
bot is a malicious software that invades and infects a
computer to allow criminals to control it remotely. The
infected computer can execute illegal activities such
as: stealing data, spreading spam, distributing malware
and participating in Denial of Service (DoS) attacks.
The owner of the infected computer can be completely
In APT attacks, the typical first action is to
perform reconnaissance to gather intelligence on
the target. Then attackers make an initial intrusion
into the target’s network to open a back-door
and stay persistent in the network. This is usually
accomplished by infecting a host with a bot, allowing
the attacker to communicate with the infected host
without being detected. The attacker then strives to
gain further access into the network and compromise
BOT TOOLKITS ARE SOLD
ONLINE FOR $500, THEIR
DAMAGES COST BUSINESSES
MILLIONS OF DOLLARS
Numerous data-breach incidents took place this year, exposing data stored on corporate servers
related to payment cards, customer, student or patient data. These malicious activities share the
common goal of acquiring confidential information. The following list presents a few examples:
1,2,3,4,5 7,8,9,10,11,12,13,14,15,16,...50