Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Careers and People
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Comments
Who Cares Who’s Behind A Data Breach?
Newest First  |  Oldest First  |  Threaded View
Page 1 / 3   >   >>
ODA155
ODA155,
 User Rank: Ninja
2/26/2015 | 9:38:53 AM
Re: is it just human nature?
@Sara...

"Still though: if they sue a third party for doing a lousy job of securing data, they might be able to make a civil case out of it and win cash. But attribution -- learning who the attackers are -- will only lead to a criminal case, won't it? And the breached company isn't going to make any cash off of that, will they?"

Seriously! Look at the Anthem, Sony and Target breaches... who are they going to sue? From what we do know everyone of them were at the very least borderline negligent, doing only the very minimum to meet requirments ignoring or flat out dismissing warnings and examples of how other companies were successfully attacked.

It's way to easy to blame an attacker for breacking into your network and stealing whatever is available, but it's much harder to hold your own feet to the fire... and keep the shareholders happy.
Sara Peters
Sara Peters,
 User Rank: Author
2/26/2015 | 9:26:13 AM
Re: is it just human nature?
@Kerstyn  I suppose when a company's trying to get back some of the dough they dropped on the breach recovery process they would make suing somebody for damages a priority.

Still though: if they sue a third party for doing a lousy job of securing data, they might be able to make a civil case out of it and win cash. But attribution -- learning who the attackers are -- will only lead to a criminal case, won't it? And the breached company isn't going to make any cash off of that, will they?

I confess that I don't know much about this -- I try to stay out of court rooms.  :)
Kerstyn Clover
Kerstyn Clover,
 User Rank: Moderator
2/25/2015 | 10:16:48 PM
Re: is it just human nature?
Sara, I didn't realize it but I somewhat addressed this in my last reply to a comment of yours! Litigation definitely comes up frequently and it's pretty understandable, especially since there is usually a tangible business impact (at least by the time I get called in.)
Kerstyn Clover
Kerstyn Clover,
 User Rank: Moderator
2/25/2015 | 10:12:28 PM
Re: Motive
In the vast majority of my experiences, everyone wants to know who did it and on top of that, how they can press charges. Unfortunately part of my response duties can be to explain the difficulties in not just attribution, but prosecution. It is usually after things have settled and we've had that conversation that we'll sit down and go over areas that were identified to have failed, or where defenses can be beefed up.
ODA155
ODA155,
 User Rank: Ninja
2/25/2015 | 6:05:33 PM
Re: is it just human nature?
Sara,

Personally, it's a little more refined than a simple "...immediate, desperate need to assess blame...". Sure there is enough of that going around, but I think identifying the responsible parties is important as well as holding them accontable, and if you can catch the bad guys...OK.  And by responsible parties I tend to focus on the internal people at all levels who should be held responsible for protecting and safeguarding this information. As someone said on another topic some time ago, these companies put too much faith in the outcome of a risk assessment then they purchase insurance to protect their company, but then as in the case of Anthem, I and probably more than one person reading this gets an email telling us "how seriously they take security and protecting... blah blah blah", and give me two years of credit monitoring.
Sara Peters
Sara Peters,
 User Rank: Author
2/25/2015 | 10:36:46 AM
Re: Motive
@Kerstyn  In your experience, do breached companies mostly want to know which outside criminal group is to blame for the attack, or which employee/executive is to blame for the failure of the company's security?
Sara Peters
Sara Peters,
 User Rank: Author
2/25/2015 | 10:31:41 AM
is it just human nature?
Ya know, I've often wondered if this immediate, desperate need to assess blame -- not just for data breaches, but for EVERYTHING -- was a basic human instinct or a particularly American trait. In this exceptionally litigious US society, we're always looking for someone to sue, so of course attribution is important so that you can decide who to drag into court.

But maybe everyone feels the same need to know whodunit? Just so that the mystery is solved? What do you guys think?
SDiver
SDiver,
 User Rank: Strategist
2/24/2015 | 9:48:43 AM
Re: Rod Sirling was right.
"The Monsters Are Due on Maple Street."  Good episode.
ODA155
ODA155,
 User Rank: Ninja
2/24/2015 | 9:34:08 AM
Re: who cares? sheriff, maybe
...and as Mr. Snowden has also showed us and left out of his AMA speach, there will always be someone behind the scenes with the means to circumvent those systems and standards for what ever purpose they choose to be right or wrong.
macker490
macker490,
 User Rank: Ninja
2/24/2015 | 8:43:12 AM
who cares? sheriff, maybe
Mr: Snowden noted in his recent AMA:

"The only way to ensure the human rights of citizens around the world are being respected in the digital realm is to enforce them through systems and standards rather than policies and procedures."

remember: the sheriff only cleans up a mess after it has been made.   better to not get into a mess,-- whether driving a car or running a 'puter.   prevention is better than cleanup.  and yes: malware can be stopped -- if you're interested in stopping it.
Page 1 / 3   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Everything You Need to Know About DNS Attacks
It's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask. Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted. Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-33196
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.
CVE-2023-33185
PUBLISHED: 2023-05-26
Django-SES is a drop-in mail backend for Django. The django_ses library implements a mail backend for Django using AWS Simple Email Service. The library exports the `SESEventWebhookView class` intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests ar...
CVE-2023-33187
PUBLISHED: 2023-05-26
Highlight is an open source, full-stack monitoring platform. Highlight may record passwords on customer deployments when a password html input is switched to `type="text"` via a javascript "Show Password" button. This differs from the expected behavior which always obfuscates `ty...
CVE-2023-33194
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was...
CVE-2023-2879
PUBLISHED: 2023-05-26
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file