A single IP address at a healthcare company attempts to connect to Facebook, which was blocked, 3.8 million times.
In a healthcare company that blocks employees access to Facebook it is not unusual to see someone make an occasional log in attempt. If they try to do it several times in a week they might be a bit slow on the uptake, but even they had to acknowledge something was unusual when a single IP made 3.8 million attempts in a single week.
In this case some malware was finding its intended exit closed off but continued to try.
The interesting thing here, adds Gupta, is that while it's important to look at the behaviors behind unauthorized information that is successfully sent, it's equally important to look at what didn't get out. In this case, the malware was identified and extinguished.
Becca Lipman is Senior Editor for Wall Street & Technology. She writes in-depth news articles with a focus on big data and compliance in the capital markets. She regularly meets with information technology leaders and innovators and writes about cloud computing, datacenters, ... View Full Bio