Cyberthieves lose their loot

It is common knowledge that if
you have valuable data on a server,
you should protect it with encryption
and access controls.

And with a thriving black market
in personal information that
now rivals the illicit drug trade,
you would think that stolen data
would be considered valuable. If
it was worth stealing in the first
place, isn't it worth protecting?

But when analysts at Finjan's
Malicious Code Research Center
began following some suspicious
outgoing traffic from one of their
customer networks, it led them to
a server that not only hosted malicious
code and the command-and-control applications for Web
site attacks but also was a drop
point for data harvested from
compromised computers.

The researchers found 1.4G of
raw data that included medical
records, personal and business
e-mails, financial account information
and transaction data.

'It was just there waiting for
someone to collect it,' said Yuval
Ben-Itzhak, Finjan's chief technology
officer. No encryption, no
access controls of any kind were
present to hide it or keep the researchers
out.

'They did a great job of infecting
other people but a bad job of
protecting their own server,' he
said.

The server has been shut down,
the information is gone and the
authorities have been alerted.
Remember, security is everybody's
business.

About the Author

William Jackson is a Maryland-based freelance writer.
