Ziften Endpoint Security Would Have Discovered Adult Friend Finder Data Breach In Time – Charles Leaver

By | January 13, 2016

Written By Chuck McAuley And Presented By Charles Leaver Ziften CEO

Endpoint Security Is The Very Best Friend For Adult Friend Finder

Adult Friend Finder, an online “dating service”, and its affiliates were hacked in April. The leaked information included credit card numbers, usernames, passwords, dates of birth, address details and personal (you know) preferences. What is often not highlighted in these cases is the monetary value of such a breach. Many would argue that an e-mail address and the data associated with it are of little value. However, much as metadata collection gives the NSA insight, this kind of information gives attackers plenty of leverage that can be used against the general public. Spear phishing becomes much easier when attackers have not only an e-mail address but also location, language, and race. The source IP addresses collected can even provide exact street locations for cyber attacks.

The attack method used in this case was not disclosed, but it is fair to assume that it leveraged some form of SQL injection or a similar attack, in which data is extracted from the back-end database through a flaw in the web server. Another possible method could have been hijacking SSH keys from a compromised admin account or GitHub, but those tend to be secondary most of the time. In either case, the database dump itself is 570 megabytes, and assuming the data was exfiltrated in a couple of large transactions, it would have been very obvious at the network level. That is, if Adult Friend Finder had been using a solution that offered visibility into network traffic.

Ziften ZFlow™ provides network visibility into the cloud to capture aberrant data transfers and attribute them to specific executing processes. In this case, the administrator would have had two chances to notice the anomaly: 1) at the database level, as the data was extracted; 2) at the web server level, where an unusual amount of traffic would be sent to a specific address. Organizations like Adult Friend Finder must gain the endpoint and network visibility required to protect their customers’ personal data and “hook up” with a company like Ziften.
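The two observation points described above can be illustrated with a small baseline check over process-attributed flow records. This is an added example, not Ziften's code or anything from the original article; the host names, process names, addresses, record layout and thresholds are all assumptions.

```python
from collections import defaultdict
from statistics import median

# Constructed flow records, not real data: (window, host, process, remote, bytes_out).
# Window 3 models the 570 MB dump leaving in "a couple of large transactions".
FLOWS = [
    (0, "db01", "mysqld", "10.0.0.5", 1_200_000),
    (1, "db01", "mysqld", "10.0.0.5", 900_000),
    (2, "db01", "mysqld", "10.0.0.5", 1_500_000),
    (3, "db01", "mysqld", "10.0.0.5", 570_000_000),
    (0, "web01", "nginx", "198.51.100.10", 48_000),
    (1, "web01", "nginx", "198.51.100.10", 52_000),
    (2, "web01", "nginx", "198.51.100.11", 61_000),
    (3, "web01", "nginx", "198.51.100.10", 50_000),
    (3, "web01", "nginx", "203.0.113.77", 285_000_000),
    (3, "web01", "nginx", "203.0.113.77", 285_000_000),
]

def find_anomalies(flows, factor=20, min_bytes=50_000_000):
    """Flag (window, host, process, remote, bytes) totals far above baseline."""
    totals = defaultdict(int)
    for window, host, proc, remote, sent in flows:
        totals[(window, host, proc, remote)] += sent

    anomalies = []
    for (window, host, proc, remote), sent in sorted(totals.items()):
        earlier = [(k, v) for k, v in totals.items()
                   if k[0] < window and k[1:3] == (host, proc)]
        same_peer = [v for k, v in earlier if k[3] == remote]
        # A never-seen remote has no history of its own, so fall back to what
        # this process normally sends to any single peer per window.
        history = same_peer or [v for _, v in earlier]
        if not history:
            continue  # first window for this process: nothing to compare against
        if sent >= min_bytes and sent > factor * median(history):
            anomalies.append((window, host, proc, remote, sent))
    return anomalies

if __name__ == "__main__":
    for window, host, proc, remote, sent in find_anomalies(FLOWS):
        print(f"window {window}: {proc} on {host} sent {sent / 1e6:.0f} MB to {remote}")
```

The database alert comes from a known peer exceeding its own history, while the web server alert comes from a previously unseen address, which is why the fallback baseline is needed.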
