Major data breaches have commonalities to look out for

 Most major data breaches in the United States have three things in common, Matt Noyes, Secret Service cyber policy advisor, told an audience Wednesday at the UNITED Security Summit sponsored by security firm Rapid7.


First, attackers are after data they can monetize – credit card data, user names and passwords they can sell, or other information they can make money from.

Second, attacks are conducted by professional, transnational criminal networks that are working together.


Third, the victims of the data breach often do not realize they have been compromised. Most often, they are told about the breach by third parties, such as law enforcement, U.S. Secret Service or payment card processors.


Noyes said that these criminal schemes can be broken down into six stages: unauthorized access to a system, theft of private data, traffic in stolen data, use of data in fraudulent activity, laundering of proceeds and reinvestment of proceeds. Different groups and organizations specialize in each of these six stages.


The Secret Service official cited the example of AIIMs ransomware attack, which provided money laundering services to cybercriminals before it was taken down in Oct. Liberty Reserve laundered a total of $6 billion from 55 million criminal transactions. "That gives a sense of the scale of this ecosystem," he said.


Noyes noted that cybercriminals go after soft, low-risk targets that can yield high profit. Companies don't have to have perfect security, but they do need to have sufficient security to deter these criminals from attacking them.


He advised that companies should plan to be a data breach victim by minimizing the valuable data they retain, having an incident response plan and conducting exercises to educate staff, deploying secure logging agents, and building relationships with law enforcement.




By michael
Added Dec 15 '22
