Page 32 - Cyber Defense eMagazine December 2022 Edition
P. 32
• September 16, 2022. American Airlines disclosed a data breach that had occurred in July of
2022. Approximately 1,700 employees and customers data was exposed in the breach as a result
of a phishing attack.
• September 15, 2022. Uber’s private Slack channel was breached by the Lapsus$ group that has
successfully compromised companies such as Microsoft, Nvidia and Samsung. The Hackers
gained full access to Uber’s internal databases and source code. They were able to successfully
get pass Uber’s multi-factor authentication.
• September 12, 2022. U-Haul informed customers of a data breach that included customer names
and drivers licenses. The Hackers gained access to rental contracts from November 2021 to April
2022.
• July 19, 2022. Hacker posted data for sale on 69 million Neopets users. Stolen data included
date of birth, email address, name, zip code and much more. Other Hackers in the past have also
accessed Neopets databases.
• June, 2022. Flagstar Bank in Michigan was breached. The social security numbers of 1.5 million
customers were stolen. The attack occurred in December 2021 and was discovered in June 2022.
• April, 2022. Block (formerly Square) disclosed their Cash App was breached by a former
employee. Brokerage numbers, customer names, portfolio value, stock trading info and other data
was stolen.
• March, 2022. Okta an authentication company was breached. Approximately 2.5% of their
customers data was exposed. Hackers gained access via a 3rd-party customer support provider.
• February, 2022. GiveSendGo a Christain fundraising website was hacked. The personal details
on 90,000 people were posted by the hackers.
Conventional approaches to cyber security may NOT prevent Data Exfiltration and Data Breaches. In
2020 the DHS, Department of State, U.S. Marine Corps and the Missile Defense Agency recognized this
and all issued requests for proposals (RFP) for network full packet data capture for Deep Packet
Inspection analysis of network traffic. This is an important step forward protecting confidential database
data and organization information.
Zero-day vulnerabilities that allow hackers to gain system privileges are a major threat to all organizations
encrypted and unencrypted confidential data. Confidential data includes: credit card, tax ID, medical,
social media, corporate, manufacturing, trade secrets, law enforcement, defense, homeland security,
power grid and public utility data. This confidential data is almost always stored in DB2, Informix,
MariaDB, Microsoft SQL Server, MySQL, Oracle, PostgreSQL and SAP Sybase databases.
How to Stop Data Exfiltration and Data Breaches with Deep Packet Inspection
Protecting encrypted and unencrypted confidential database data is much more than securing databases,
operating systems, applications and the network perimeter against Hackers, Rogue Insiders,
Government-backed Hacking Teams and Supply Chain Attacks.
Non-intrusive network sniffing technology can perform a real-time Deep Packet Inspection of 100% of
the database activity from a network tap or proxy server with no impact on the database servers. The
database SQL activity is very predictable. Database servers servicing 1,000 to 10,000 end-users typically
Cyber Defense eMagazine – December 2022 Edition 32
Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.