Cyberthieves lose their loot

It is common knowledge that if
you have valuable data on a server,
you should protect it with encryption
and access controls.

And with a thriving black market
in personal information that
now rivals the illicit drug trade,
you would think that stolen data
would be considered valuable. If
it was worth stealing in the first
place, isn't it worth protecting?

But when analysts at Finjan's
Malicious Code Research Center
began following some suspicious
outgoing traffic from one of their
customer networks, it led them to
a server that not only hosted malicious
code and the command-and-control applications for Web
site attacks but also was a drop
point for data harvested from
compromised computers.

The researchers found 1.4G of
raw data that included medical
records, personal and business
e-mails, financial account information
and transaction data.

'It was just there waiting for
someone to collect it,' said Yuval
Ben-Itzhak, Finjan's chief technology
officer. No encryption, no
access controls of any kind were
present to hide it or keep the researchers
out.

'They did a great job of infecting
other people but a bad job of
protecting their own server,' he
said.

The server has been shut down,
the information is gone and the
authorities have been alerted.
Remember, security is everybody's
business.

About the Author

William Jackson is a freelance writer and the author of the CyberEye blog.
