
The Case of the Suspiciously Flawless Investigation


Updated March 16, 2017

Published in: Technology, Business

  1. © 2016 SecurityMetrics. The Case of the Suspiciously Flawless Investigation. Forensic Files Series.
  2. BUSINESS BACKGROUND: Ecommerce ticketing vendor based out of New York.
  3. BUSINESS BACKGROUND: A customer reported a breach to Visa, claiming their credit card was hacked after buying a ticket to an event.
  4. HOW HACKERS GOT IN: The forensic investigation found no evidence of a breach at the vendor. It discovered that a third-party website licensed to sell the vendor's event tickets was actually the organization compromised.
  5. HOW HACKERS GOT IN: The third party had to pay noncompliance and compromise fines. The ecommerce events vendor was subject to brand degradation and the cost of the forensic investigation ordered by Visa ($25,000).
  6. HOW HACKERS GOT IN: Since the forensic investigation of the third party was done by another forensic company, it is unknown exactly how hackers breached the third party. Similar situations indicate the possibility of SQL injection.
  7. WHAT IS SQL INJECTION: By feeding input into web forms that aren't coded to reject illegitimate characters, attackers can glean small pieces of information about a business's database from the output produced by erroneous entries.
  8. WHAT IS SQL INJECTION: If hackers can gain enough information about a database, it's only a matter of time until they query it directly and gain administrative access.
  9. WHAT THE BUSINESS DID WRONG: The ecommerce events vendor didn't perform due diligence to ensure the licensed third party was operating a secure site.
  10. WHAT IS 3RD PARTY DUE DILIGENCE? It is each organization's responsibility to take reasonable steps to ensure contracted third parties operate securely. This means investigating IT vendors, paper shredding companies, and outsourced web developers before signing contracts and throughout the relationship.
  11. Wenlock Free, VP of Strategic Partnerships
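Slides 7 and 8 describe SQL injection in prose only. The following is an added example, not from the SecurityMetrics deck, that shows why a web form built by string concatenation leaks database errors and extra rows while a parameterized query treats the same input as plain data. The ticket-order table, the email values and the function names are constructed for this demo; the "third party" and its real code base are not shown on the page.

```python
import sqlite3

def build_db():
    """Constructed sample data: a minimal ticket-order table in an in-memory database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE orders (id INTEGER, email TEXT, event TEXT)")
    conn.executemany("INSERT INTO orders VALUES (?, ?, ?)", [
        (101, "ann@example.com", "Spring Gala"),
        (102, "bob@example.com", "Jazz Night"),
    ])
    return conn

def lookup_vulnerable(conn, email):
    """Builds the query by string concatenation: form input becomes SQL code."""
    sql = "SELECT id, event FROM orders WHERE email = '" + email + "'"
    try:
        return {"rows": conn.execute(sql).fetchall(), "error": None}
    except sqlite3.Error as exc:
        # Echoing the engine's error to the user is the leak slide 7 describes:
        # each malformed entry reveals a little about the query and schema.
        return {"rows": [], "error": str(exc)}

def lookup_parameterized(conn, email):
    """Binds the input as a parameter: it is compared as data, never parsed as SQL."""
    sql = "SELECT id, event FROM orders WHERE email = ?"
    try:
        return {"rows": conn.execute(sql, (email,)).fetchall(), "error": None}
    except sqlite3.Error as exc:
        return {"rows": [], "error": str(exc)}

def demo():
    conn = build_db()
    normal = "ann@example.com"
    # A stray quote is the "erroneous entry" of slide 7: it breaks the concatenated SQL.
    stray_quote = "ann@example.com'"
    # A textbook tautology turns the WHERE clause into "match every row".
    tautology = "x' OR '1'='1"
    return {
        "vuln_normal": lookup_vulnerable(conn, normal),
        "vuln_quote": lookup_vulnerable(conn, stray_quote),
        "vuln_tautology": lookup_vulnerable(conn, tautology),
        "safe_normal": lookup_parameterized(conn, normal),
        "safe_quote": lookup_parameterized(conn, stray_quote),
        "safe_tautology": lookup_parameterized(conn, tautology),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The vulnerable lookup returns a SQL syntax error for the stray quote and both customers' orders for the tautology; the parameterized lookup returns no rows and no error for either, which is the behaviour a due-diligence review of a ticketing partner's site should look for.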