ByKelly Jackson Higgins
Determining whether a data dump on Pastebin or elsewhere online is legit can be time-consuming and resource-intensive. Deloitte & Touche offers tips for how to weed out the fake hacks.
You've seen the online claims and headlines: hackers boasting on Twitter or another online forum that they've hacked a major company's database or website and have leaked the stolen user credentials or credit-card numbers for all to see on Pastebin or another site.
But just because a data dump is posted online doesn't mean it's legitimate. The victimized organization and threat intelligence experts have to investigate the leaks, a process that can be time-consuming, resource-intensive, and even hurt other security projects or monitoring. Worst-case, investigating a phony data dump could detract from an enterprise's efforts to detect or mitigate a real data breach.
Allison Nixon, a threat researcher with Deloitte & Touche LLP, has seen the phony data breach dump scenario many times as a researcher with experience investigating them. "It's pretty common that data dumps that come to me were actually fake," says Nixon, who has authored a new report with recommended techniques for vetting the authenticity of a data dump. "I would say it's a waste of everyone's time" to have to investigate phony ones, which can take days to verify. Not only that, but a company's reputation can easily be damaged by a phony data dump that wasn't tied to a real breach, she says.
Full Article
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.