Security

02:13 PM
Becca Lipman
Becca Lipman
Slideshows
Connect Directly
Facebook
Google+
Twitter
RSS
E-Mail
50%
50%

7 Unusual Behaviors That Indicate Security Breaches

Breaches create outliers. Identifying anomalous activity can help keep firms in compliance and out of the headlines.
Previous
6 of 7
Next


A manufacturing employee has 188 uploads totaling 48.7 GBs in 1 day to Ryu Share. The data is sent to a Drop Zone outside of the company's jurisdictional location.

This use case requires some attention to detail. For a company that authorizes the use of Ryu Share, an employee sending out 48GBs may not be entirely suspicious, as it could be a large file. However in this instance the average employee sends only a few megabytes a day, making 48.7GBs a noteworthy outlier.

In this case it was due to an employee who had gone rogue, but this behavior could have also been linked to an innocent mistake, an account comprised, or indication that a machine has been infected.

 

Becca Lipman is Senior Editor for Wall Street & Technology. She writes in-depth news articles with a focus on big data and compliance in the capital markets. She regularly meets with information technology leaders and innovators and writes about cloud computing, datacenters, ... View Full Bio

Previous
6 of 7
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Becca L
50%
50%
Becca L,
User Rank: Author
3/27/2014 | 9:34:09 PM
re: 7 Unusual Behaviors That Indicate Security Breaches
I see a classic "word problem" potential here. If Sally tweets 104,000 times over 2 days, how many..."

I wonder if Twitter itself is tracking these kinds of outlying behaviors, and if they have any means (or interest) in stopping it.
Greg MacSweeney
50%
50%
Greg MacSweeney,
User Rank: Apprentice
3/27/2014 | 8:49:57 PM
re: 7 Unusual Behaviors That Indicate Security Breaches
Yeh, 104,000+ tweets in 1 day. that's about 1 tweet every 1.2 seconds. Clearly something is wrong, as no human has that much to say on twitter...LOL
andrewboon2739
50%
50%
andrewboon2739,
User Rank: Apprentice
3/18/2014 | 11:26:31 AM
re: 7 Unusual Behaviors That Indicate Security Breaches
Interesting article !
Becca L
50%
50%
Becca L,
User Rank: Author
3/17/2014 | 9:37:06 PM
re: 7 Unusual Behaviors That Indicate Security Breaches
Agreed, As Skyhigh suggests, companies need to first understand what constitutes normal behavior so when events like these happen alarms are sounded, rather than appear as blips on a report an IT team can overlook.
Kelly22
50%
50%
Kelly22,
User Rank: Author
3/17/2014 | 6:05:10 PM
re: 7 Unusual Behaviors That Indicate Security Breaches
That one surprised me too. I feel like that amount of data going to an unknown site should have triggered some red flags.
IvySchmerken
50%
50%
IvySchmerken,
User Rank: Author
3/14/2014 | 2:13:33 PM
re: 7 Unusual Behaviors That Indicate Security Breaches
Another scary one is the case of the retail employee sending 4.5 GB of confidential information to Kanbox, an "unknown" file sharing service that was not blocked by the company. Wouldn't an astute IT team notice this amount of data leaving the company? Is it a sign that this retail company was asleep at the switch?
Becca L
50%
50%
Becca L,
User Rank: Author
3/13/2014 | 11:33:28 PM
re: 7 Unusual Behaviors That Indicate Security Breaches
A secret code! Something straight out of a detective/spy novel. I agree that it wouldn't raise any eyebrows.

Besides, if nobody is following the account who is there to raise the alarm? Compare that to if your account started tweeting thousands of times per week you'd have a lot of angry (former) followers!
ANON1233964134849
50%
50%
ANON1233964134849,
User Rank: Apprentice
3/13/2014 | 11:21:20 PM
re: 7 Unusual Behaviors That Indicate Security Breaches
"With the apparent failure of IDS, network behavioral analysis, malware detection tools and stale market leading DLP systems; organizations must adopt new technologies faster than Hackers do. GTB's advanced data protection solutions provide such powerful technologies which really do secure against unauthorized transmissions from Malware, Viruses and Frenemies" says Uzi Yair, GTB CEO. "Unlike others, our DLP system actually works and prevents breaches from occurring." from http://www.gtbtechnologies.com...
Nathan Golia
50%
50%
Nathan Golia,
User Rank: Author
3/13/2014 | 6:00:32 PM
re: 7 Unusual Behaviors That Indicate Security Breaches
That twitter one is pretty crazy Gă÷ i wonder how sophisticated you could get and maybe develop a code that looks like normal tweets. The inanity of a random twitter account would surely not raise any eyebrows.
Register for Wall Street & Technology Newsletters
White Papers
Current Issue
Wall Street & Technology - July 2014
In addition to regular audits, the SEC will start to scrutinize the cyber-security preparedness of market participants.
Video