Friday, November 14, 2008

Internet thieves make big money stealing corporate info

Sometimes I'm asked what keeps me up at night as an IT security professional... my answer is almost always "what I don't know." After I allow the confused look on their faces to pass, I explain that in the realm of security we put very elaborate and expensive controls in place and then hope they never really get used. More quizzical looks ensue (you can probably tell I have fun with this) before I begin explaining myself.

Antivirus, NIDPS, WAF, NAC, DLP, IP Firewalls, Web Proxies, etc. are all great controls and protect against most known and some unknown attack vectors, and for the most part they work. What scares me and keeps me up at night are the -1 day attacks (less than zero) that will pass by all controls. This story in USA Today got me thinking about how easy it is for determined attackers to slip right by all my controls and begin pumping data out of my network. From the article:
"The virus swiftly located — and infected — some 300 other workstation PCs, silently copying the contents of each computer's MyDocuments folder. It transmitted the data across the Internet to a gang of thieves operating out of Turkey."
They infected system zero by posting an innocent-looking link on a trusted employee-only message board. Reading articles and hearing horror stories from colleagues about the threats they didn't know about until after the damage was done is what keeps me up at night. The stuff I know about? I have lots of toys for that stuff. :)

1 comment:

Anonymous said...

Interesting article and, frustratingly, I think the scenario you write about happens more than we like to think.

I recently posted the following at my blog that offers some free resources to IT professionals.

As an ongoing effort to continually provide free resources, there are three new ones listed below. Primarily intended for IT professionals, if you are engaged in computer security these e-books are provided at no cost to you.

The 7 Things that IT Security Professionals MUST KNOW!
Link: http://homelandsecuritygroup.tradepub.com/free/w_eeye05/

Vulnerability Management for Dummies
Link: http://homelandsecuritygroup.tradepub.com/free/w_qa18/

60-Day Trial of Microsoft Office Project
Link: http://homelandsecuritygroup.tradepub.com/free/w_msf107/

Hopefully you folks may find these of interest. There's no cost...but good info all the same.

Anthony "Tony" M. Davis
Bestselling Author: “Terrorism and the Maritime Transportation System”