eBay Data Yardsale

Data Yard Sale

eBay recently revealed that in February or March of this year their site was breached and personal information from 145 million of their users was exposed. While frantically changing passwords and circling the security wagons, I sought a cultural correlation from my college Western Civ textbook. You too? Now that’s a coincidence. Here’s what I came up with.

A Plague O’ Both Your Houses

Tybalt’s famous death quote from Shakespeare’s Romeo and Juliet reminds us of the recurring plagues that swept through Europe over the course of the last several thousand years. The Bubonic Plague, or Black Death, dispatched more than 50 million Romans alone in the 6th Century. 800 years later, Europe lost another 25 million people, anywhere from 30 to 60% of that continent’s population. And variations of the plague trundle through developing countries still today, transported and spread by the fleas that ride along with rats.

Lions and Tigers and Rats, Oh My!

Developed countries, including those who foster the growth of tech giants like eBay, face a different but equally malignant RAT. A Remote Access Trojan or Remote Administrative Tool is a form of malware that provides a back door for administrative control. In a perfect world, the software allows users remote access to their own computers. In our less than perfect world, according to reports, a RAT was used to capture eBay employee credentials and information that enabled full access to user accounts.

Unlike their furry counterparts, RATs can be difficult to detect. They don’t show up in lists of running programs or tasks, and they can appear to be performing legitimate functions. The plague, it seems, does not stem from the rat itself but from the parasites who tag along with malicious intent. Are your ankles itching yet? Mine are.

Pesticide for the Information Age

Malware fleas are all around us in the ether. Between Q4 2013 and Q1 2014 alone, malware types grew by 15%, and surveys suggest that 86% of customers shun brands following data breaches.* Data recovery and damage control runs in the tens to hundreds of millions of dollars. That’s a lot of cheese for one rat.

The best defense is a strong offense. Organizations must be vigilant in protecting their networks and data, and ICS offers a portfolio of risk assessment and penetration testing strategies that set the traps and catch the rats. We can also put plans and protocols in place to deter their return. Let us help you secure your data before the infectious nibbling begins.

* ICS Information Security Trends, Q4 2103 – Q1 2014