Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

Scary (but true) cybersecurity horror stories

Exabeam presents four spooky stories from the field, guaranteed to keep CSOs up at night. What's haunting your enterprise network? Read to find out...

  • Identifiez-vous pour voir les commentaires

Scary (but true) cybersecurity horror stories

  1. 1. 4 CYBERSECURITY HORROR STORIES GUARANTEED TO KEEP CSOs UP AT NIGHT
  2. 2. HACKERS ARE MAKING THEMSELVES AT HOME IN ENTERPRISE NETWORKS MORE THAN EVER BEFORE. On average, hackers go undetected for 46 DAYS – a 229% INCREASE* over the past six years. *Ponemon Institute 2015 Cost of Cyber Crime Study
  3. 3. WANT TO GIVE YOUR CFO A FRIGHT, TOO? Cyber attacks on U.S. enterprises cost an average of $12.7 MILLION* in annual damages. *Report: Cybercrime costs US $12.7M a year
  4. 4. SO, HOW ARE HACKERS AVOIDING DETECTION?
  5. 5. POINT-OF-SALE SYSTEMS BREACHES Non-privileged employees can pick up viruses that ride VPN connections and make connections with PoS systems. In one instance, we found a virus that made connections with 1,700 PoS systems. HORROR STORY #1
  6. 6. POINT-OF-SALE SYSTEMS BREACHES By monitoring for anomalous behavior by user, it was clear that the access was unwarranted. Russian hackers alone profited more than $2.5 billion from PoS- related cybercrime in 2014.* HORROR STORY #1 * https://www.sans.org/reading-room/whitepapers/bestprac/point-sale-pos-systems-security-35357
  7. 7. FRIGHTENINGLY EASY EMAIL FRAUD When a hacker gains an executive’s credentials, the hacker can easily order a money wire transfer while the executive is on vacation or away from email. This can result in thousands of dollars missing from a company in a matter of hours. HORROR STORY #2
  8. 8. FRIGHTENINGLY EASY EMAIL FRAUD As of January 2015, companies in the United States had wired an estimated $179,755,367 to hackers. Victims in other countries have wired $35,217,136.22.* Without behavior monitoring, there is no way to differentiate the executive from the hacker posing as an executive. HORROR STORY #2 * http://consumerist.com/2015/03/10/scammers-are-taking-more-money-with-fake-boss-wire-transfer-schemes/
  9. 9. EERIE IDENTITY SWITCHING A solar company believed Chinese hackers had breached two machines and was in the process of securing them. The security team later found that the hackers had switched identities and compromised 57 machines across the company network. HORROR STORY #3
  10. 10. EERIE IDENTITY SWITCHING Security teams must monitor every step of the attack chain to catch the hackers as they switched identities. Without a full picture of the attack chain, there is no way to know where hackers have created back doors to stay within a network. HORROR STORY #3
  11. 11. REACHING ACROSS INTERNATIONAL NETWORKS In a breach of a large e-commerce company, hackers accessed systems in Mumbai and China using stolen credentials from a California-based employee. Most security systems don’t monitor the location of employee log-ins. HORROR STORY #4
  12. 12. REACHING ACROSS INTERNATIONAL NETWORKS Without monitoring for anomalous behaviors of each user, hackers posing as employees often go undetected. User behavior analytics follows the locations and behaviorial patterns of each user. HORROR STORY #4
  13. 13. Are you ready to get serious about the threats haunting your network? LET’S TALK

×