Chasing The Breach
Contact information for 76 million families and 7 million businesses.
Let’s assume each record taken consists of a name, address and phone number – should we approximate 100 bytes each? That makes it 8.3 billion bytes (i.e. 8.3 GB), or 66.4 gigabits. Hackers don’t use large pipes, though they may be using multiple sources of attack. To transfer that much data takes time – a lot of time.
We keep talking about security. I, for one, cannot begin to imagine how much money Chase invests in cyber security every year. And yet, these hackers were able to transfer 8.3 gigabytes of data away from the bank without anyone noticing. To put it into perspective, it’s as though you walked out of the grocery with the entire ice cream refrigerator and no one noticed. That’s what happened here. It’s simply baffling. I don’t know how else to express my disbelief. Intrusion prevention, monitoring, intrusion detection, SIEMs and log management systems that should reveal anomalies and raise alerts – I know Chase has them all and so much more.
None of those worked?
How is that even possible?
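As an added illustration (not part of the original post, and not a description of Chase's actual tooling), the Python example below carries the 100-bytes-per-record estimate through to transfer time and shows why slow transfers spread over several destinations call for alerting on cumulative outbound volume per host rather than on single connections. Host names, flow tuples, link rates and thresholds are constructed assumptions.

```python
from collections import defaultdict

MB = 10**6
# Figures from the post: 76M households + 7M businesses, ~100 bytes each.
TOTAL_BYTES = (76_000_000 + 7_000_000) * 100   # 8.3 billion bytes

def transfer_days(total_bytes, bits_per_second, channels=1):
    """Days needed to move total_bytes over `channels` parallel links."""
    return total_bytes * 8 / (bits_per_second * channels) / 86_400

def flag_large_flows(flows, per_flow_limit):
    """Naive check: sources with any single flow above per_flow_limit."""
    return {src for _day, src, _dst, n in flows if n > per_flow_limit}

def flag_slow_exfil(flows, window_days, threshold_bytes):
    """Map each source to the first day its outbound total, summed over all
    destinations in the trailing window, exceeded threshold_bytes."""
    per_day = defaultdict(lambda: defaultdict(int))
    for day, src, _dst, n in flows:
        per_day[src][day] += n
    alerts = {}
    for src, days in per_day.items():
        for day in sorted(days):
            total = sum(b for d, b in days.items()
                        if day - window_days < d <= day)
            if total > threshold_bytes:
                alerts[src] = day
                break
    return alerts

# Constructed sample flows (day, source, destination, bytes out):
# "db-01" trickles 150 MB/day to each of 4 destinations for 14 days
# (8.4 GB in total); "web-01" is ordinary traffic.
SAMPLE_FLOWS = [(d, "db-01", f"dst-{c}", 150 * MB)
                for d in range(14) for c in range(4)]
SAMPLE_FLOWS += [(d, "web-01", "cdn", 50 * MB) for d in range(14)]

if __name__ == "__main__":
    for rate in (128_000, 1_000_000):   # assumed link rates, bits/s
        print(rate, "bit/s:", round(transfer_days(TOTAL_BYTES, rate), 2), "days")
    print("per-flow alerts:", flag_large_flows(SAMPLE_FLOWS, 500 * MB))
    print("cumulative alerts:", flag_slow_exfil(SAMPLE_FLOWS, 7, 2000 * MB))
```

With these constructed numbers no single flow crosses the 500 MB per-connection limit, while the seven-day cumulative total for "db-01" crosses 2 GB on day 3, long before the full 8.4 GB has left.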
With all that’s been happening, we need to investigate whether what we’re currently doing in the name of security isn’t completely wrong, and whether, as a result, hackers have identified ways to circumvent our defenses so easily they make us look like fools.
When the Target crisis exploded in January, I was outraged that the company barely had security to speak of, and whatever little they had was circumvented because of a third party having too much access.
In the case of Chase, I am _positive_ they have plenty of security measures in place. I’m certain they used every trick in the books to stay safe. I’m certain they take security very seriously because they are a Financial Institution. In fact, the largest Financial Institution in the US, and they _know_ they’ll always be a target. This then begs the question – what happened?
It would be truly interesting, and very enlightening, if we found out for sure what really happened and learned from this lesson, because if Chase was breached, the war against cybercrime is close to being lost.