DATA BREACH: CULPRITS STILL GET AWAY!
The Symantec (ISTR) 2016 report has shown that over the last 8 years more than 7.1 billion identities have been exposed in data breaches. The year 2016 has also witnessed a few notable targeted attack incidents, such as the destructive malware used in cyber attacks against a power station in Ukraine in January 2016. I'm attached to a security-cum-forensic agency and I'm perplexed by the law governing digital forensics. The big question is: why do the culprits always seem to get away with the crime? Aren't the existing laws strong enough?
There are a lot of reasons data breach attackers are not being caught, including:
1) Law enforcement focus/resources. The FBI has 600 technical agents worldwide; there just aren't enough of them to look at any but the largest cases, in general.
2) IT and forensic screwups. IT, even when they're not directly involved, have hosed many, many sets of evidence. And our personal experience is that IT is involved in a significant number of cases. We've also seen Big Four consultancies hose up evidence; we had a large case in 2016 where the Big Four firm literally lost 6 of 30 PC evidence images, and another 7 were contaminated in some way: an image was truncated, a 2nd image was put on the storage medium (integrity), file dates were showing activity 6 months after the acquisition date (breaking chain of custody), and there were mismatches between chain of custody docs and hardware (labeling wrong, serial number wrong, etc).
3) Failure to log. Cloud is great, but cloud with no preservation of logging after VMs are terminated is not so great.
If you look at a number of the breaches, however, oftentimes the failures occurred much earlier.
Experian, for example. While failure to identify and patch the Struts vuln was the proximate cause for that breach, the true failure was the organizational failure to segment that customer service database. It is pure laziness that permitted decades of customer service calls to be stored in the active customer service database - which is why that breach was so large.
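
Added example, not part of the original post: a small Python audit of an evidence store against its chain-of-custody record, flagging the failure modes listed in point 2 (lost images, truncation, an unlogged second image, modification times after acquisition). The manifest layout, file names and timestamps are constructed for illustration.

```python
import hashlib
import os
import tempfile

def sha256_file(path, chunk=1 << 20):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def audit_evidence(store_dir, manifest):
    """manifest (assumed layout): {name: {"sha256", "size", "acquired" (epoch s)}}"""
    findings, present = [], set(os.listdir(store_dir))
    for name, rec in sorted(manifest.items()):
        path = os.path.join(store_dir, name)
        if name not in present:
            findings.append((name, "MISSING"))
            continue
        st = os.stat(path)
        if st.st_size < rec["size"]:
            findings.append((name, "TRUNCATED"))
        elif sha256_file(path) != rec["sha256"]:
            findings.append((name, "HASH_MISMATCH"))
        if st.st_mtime > rec["acquired"]:
            findings.append((name, "MODIFIED_AFTER_ACQUISITION"))
    # Anything on the medium that custody paperwork never recorded.
    for extra in sorted(present - set(manifest)):
        findings.append((extra, "NOT_IN_CUSTODY_RECORD"))
    return findings

def demo():
    # Constructed sample: four recorded images, then damage is introduced.
    acquired = 1_460_000_000  # constructed acquisition time (epoch seconds)
    with tempfile.TemporaryDirectory() as d:
        manifest = {}
        for name in ("pc01.dd", "pc02.dd", "pc03.dd", "pc04.dd"):
            data, path = name.encode() * 1000, os.path.join(d, name)
            manifest[name] = {"sha256": hashlib.sha256(data).hexdigest(),
                              "size": len(data), "acquired": acquired}
            with open(path, "wb") as f:
                f.write(data)
            os.utime(path, (acquired, acquired))
        os.remove(os.path.join(d, "pc02.dd"))           # lost image
        os.truncate(os.path.join(d, "pc03.dd"), 100)    # truncated image
        os.utime(os.path.join(d, "pc03.dd"), (acquired, acquired))
        late = acquired + 180 * 86400                   # about 6 months later
        os.utime(os.path.join(d, "pc04.dd"), (late, late))
        with open(os.path.join(d, "extra.dd"), "wb") as f:  # unlogged 2nd image
            f.write(b"x")
        return audit_evidence(d, manifest)
```

Running `demo()` returns one finding per damaged or unrecorded image and nothing for the intact `pc01.dd`.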