Premium Content

Access "Marcus Ranum chat: Network threat detection and wireless attacks"

Published: 27 Nov 2012

Marcus Ranum: The other day over lunch you were telling me about a rather amazing incident that you were dealing with. I understand that you can’t get too detailed about some parts of it, but what can you tell us? Aaron Turner: I guess the first surprising thing we found was that there were at least three different adversaries on the network, each attacking a different aspect of the infrastructure. One group was after the crown jewels—and was very focused and organized—another was picking up the crumbs of the ‘A Team,’ and another was running a payment card harvesting operation focused on the organization’s P-Cards [purchasing cards] associated with the organizations bank accounts. The most interesting thing about the ‘A Team’ is that essentially, we found evidence that this group of sophisticated attackers was using wireless communications capabilities to not only bypass the organization’s security controls, but they were doing so to accelerate the exfiltration of information from the organization. Think of it as the attackers got impatient with the ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free

  • Strategies for a successful data protection program
    data_protection_2014.png
    E-Handbook

    Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...

  • Devices, data and how enterprise mobile management reconciles the two
    ISM_supp_1014.png
    E-Zine

    The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...

  • Putting security on auto-pilot: What works, what doesn't
    security_auto-pilot.png
    E-Handbook

    For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...