Page 80 - index
P. 80
Key lesson: Nasdaq’s security was criticized for running outdated security software and
improperly configuring firewalls. They could have been better off with cyber security solutions
that allow to trace the root source of attacks – malicious monitoring in this case.
5. Identity theft
Citibank and JP Morgan Chase disclosed an NY resident obtaining the personal information of
their customers back in 2011, reveals privacyrights.org. The woman used the information to
steal $30,000 from Citibank and $300,000 from Chase. Forged driver’s licenses were used to
make fraudulent withdrawals.
Key lesson: The security systems in place failed to protect customer data, and there was no
forensic analysis post-identity theft. Banks should be backed by an incident response team that
is able to use the widely utilized forensic tools for preservation and collection of digital evidence
for analysis and future theft prevention. Forensic analysis helps in analyzing what information
lead to the compromise, and how the breach occurred, as well as how to repair the damage.
It’s a long, hard slog for financial institutions when it comes to mitigating and preventing cyber
threats, but the lessons point the route towards better security practices.
About The Author
Dan Virgillito is a freelance content strategist and the Director of Media &
Communications at Massive, a cyber intelligence firm specialising in early
threat prevention.
80 Cyber Warnings E-Magazine – July 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
