For a business to be targeted, there needs to be something of value to exfiltrate.
Attackers are not going to work through the full attack cycle just for
practice. If a breach does occur, monitoring tools should be in place
so that the attacker's actions are noticed and halted.
One such incident involved the railway system in Europe. Anyone traveling
by rail in Europe naturally has to purchase a ticket.
This process collects the usual information: credit card numbers, full legal
name, mailing address, email, and phone numbers. Taken in its entirety, this information
makes an attractive target for any attacker. This sensitive data, used in unison,
could support a fair number of successful attacks.
Such an incident occurred in late 2017. On November 29, 2017, the Rail Europe
system was breached. As if that were not bad enough, the attackers
retained access from the breach (November 29, 2017) through February 16, 2018.
During this time, the attackers were able to exfiltrate the PII and data they desired.
To make the situation worse, Rail Europe was not aware it had been breached.
A bank affiliated with RENA noticed this and informed the company. The number of
affected clients was unknown. The number could be rather substantial, as RENA
had transactions with 5M Americans.
The recommendation at this point is for RENA customers to change their passwords
and watch their accounts. Identity theft protection is also available, although over
the long term it may not have substantial value, as the attackers would be
able to use certain data indefinitely, not just for a year.
The vulnerability involved the web page used by the clients. This page was infected with
malware coded to log the client's information, including debit and credit card
numbers, expiration dates, and the important CVV numbers.
There are several areas to focus on with this compromise. The primary lesson
is to monitor the logs, the network, and access. The business should have
known something was occurring within its network during the three months in which
so many records were being exfiltrated
(https://www.informationsecuritybuzz.com/expert-comments/rail-europe-customer-data-breach/).
This amount of traffic should have been noticed at some level at some point in time.