Security

02:13 PM
Becca Lipman
Becca Lipman
Slideshows
Connect Directly
Facebook
Google+
Twitter
RSS
E-Mail
50%
50%

7 Unusual Behaviors That Indicate Security Breaches

Breaches create outliers. Identifying anomalous activity can help keep firms in compliance and out of the headlines.
Previous
4 of 7
Next


A single authenticated user at an energy company tried to connect to GoToMyPC 11,101,872 times in a week.

In some cases an infected machine will try to find ways to get information out, but the door is locked. In this example, an infected machine tried to connect to GoToMyPC, a screen sharing service typically used by support staff, over 11 million times. "This is an indicator that it wasn't a human being, says Gupta. "It's probing at the defenses looking for a way to get out."

This bears resemblance to the earlier (and more successful) Twitter example in which malware found an unblocked escape route.

 

Becca Lipman is Senior Editor for Wall Street & Technology. She writes in-depth news articles with a focus on big data and compliance in the capital markets. She regularly meets with information technology leaders and innovators and writes about cloud computing, datacenters, ... View Full Bio

Previous
4 of 7
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Becca L
50%
50%
Becca L,
User Rank: Author
3/27/2014 | 9:34:09 PM
re: 7 Unusual Behaviors That Indicate Security Breaches
I see a classic "word problem" potential here. If Sally tweets 104,000 times over 2 days, how many..."

I wonder if Twitter itself is tracking these kinds of outlying behaviors, and if they have any means (or interest) in stopping it.
Greg MacSweeney
50%
50%
Greg MacSweeney,
User Rank: Apprentice
3/27/2014 | 8:49:57 PM
re: 7 Unusual Behaviors That Indicate Security Breaches
Yeh, 104,000+ tweets in 1 day. that's about 1 tweet every 1.2 seconds. Clearly something is wrong, as no human has that much to say on twitter...LOL
andrewboon2739
50%
50%
andrewboon2739,
User Rank: Apprentice
3/18/2014 | 11:26:31 AM
re: 7 Unusual Behaviors That Indicate Security Breaches
Interesting article !
Becca L
50%
50%
Becca L,
User Rank: Author
3/17/2014 | 9:37:06 PM
re: 7 Unusual Behaviors That Indicate Security Breaches
Agreed, As Skyhigh suggests, companies need to first understand what constitutes normal behavior so when events like these happen alarms are sounded, rather than appear as blips on a report an IT team can overlook.
Kelly22
50%
50%
Kelly22,
User Rank: Author
3/17/2014 | 6:05:10 PM
re: 7 Unusual Behaviors That Indicate Security Breaches
That one surprised me too. I feel like that amount of data going to an unknown site should have triggered some red flags.
IvySchmerken
50%
50%
IvySchmerken,
User Rank: Author
3/14/2014 | 2:13:33 PM
re: 7 Unusual Behaviors That Indicate Security Breaches
Another scary one is the case of the retail employee sending 4.5 GB of confidential information to Kanbox, an "unknown" file sharing service that was not blocked by the company. Wouldn't an astute IT team notice this amount of data leaving the company? Is it a sign that this retail company was asleep at the switch?
Becca L
50%
50%
Becca L,
User Rank: Author
3/13/2014 | 11:33:28 PM
re: 7 Unusual Behaviors That Indicate Security Breaches
A secret code! Something straight out of a detective/spy novel. I agree that it wouldn't raise any eyebrows.

Besides, if nobody is following the account who is there to raise the alarm? Compare that to if your account started tweeting thousands of times per week you'd have a lot of angry (former) followers!
ANON1233964134849
50%
50%
ANON1233964134849,
User Rank: Apprentice
3/13/2014 | 11:21:20 PM
re: 7 Unusual Behaviors That Indicate Security Breaches
"With the apparent failure of IDS, network behavioral analysis, malware detection tools and stale market leading DLP systems; organizations must adopt new technologies faster than Hackers do. GTB's advanced data protection solutions provide such powerful technologies which really do secure against unauthorized transmissions from Malware, Viruses and Frenemies" says Uzi Yair, GTB CEO. "Unlike others, our DLP system actually works and prevents breaches from occurring." from http://www.gtbtechnologies.com...
Nathan Golia
50%
50%
Nathan Golia,
User Rank: Author
3/13/2014 | 6:00:32 PM
re: 7 Unusual Behaviors That Indicate Security Breaches
That twitter one is pretty crazy Gă÷ i wonder how sophisticated you could get and maybe develop a code that looks like normal tweets. The inanity of a random twitter account would surely not raise any eyebrows.
Register for Wall Street & Technology Newsletters
White Papers
Current Issue
Wall Street & Technology - Elite 8, October 2014
The in-depth profiles of this year's Elite 8 honorees focus on leadership, talent recruitment, big data, analytics, mobile, and more.
Video