The anatomy of a data breach: stolen details in demand on shadowy secondary markets
Thursday, November 13, 2014
Posted by: Brian Monroe
In the online arms race between cyber criminals with viral smart bombs and companies crafting ever more ironclad virtual vaults to keep them out, it seems this year that the bad guys have taken down more than their fair share of key strongholds – from big banks and their coveted cache of financial data to retailers replete with customer card details – though the war is far from over.
Once breached, the data is scrutinized by the unscrupulous, sifted and shifted much like prospectors panning for gold. They want to cull their haul, to pull out the most critical details, which will then be bundled together, repackaged for resale and sent or sold to conspirators around the world to keep the criminal enterprise running. This is all typically done in an incredibly tight time frame, in some cases minutes or even hours, to maximize the amount of money stolen or packages purloined before banks turn the leaky spigot off and investigators attempt to follow them down the rabbit hole.
ACFCS created a presentation to explain what happens before, during and after a cyber attack, following the data through this elaborate web of financial crime.