Over 16.5 Million dollars, that’s right. That’s exactly what US ProTech just saved one of its clients! Imagine if your organization was just fined by the government a sum of that size. Most companies would close their doors and larger businesses would see a massive restructuring that would include nearly every employee in the Risk & IT department being immediately fired. Since you’re reading this now – you may want to consider how US ProTech can save your bacon and millions of dollars at the same time!
Why is this important information? Corporate espionage has always been with us effectively forever and sometimes we just ignore it or pretend – it could not happen to us. But in reality it’s prevalent as ever and we’re seeing a major rise in its activity. One such a case would include the recent activity between Heavy-Weight Champion – UBER… and the quickly rising Challenger – Lyft.
So, what’s at stake for these businesses that correlates with you? Stealing corporate data from you and selling it to a competitor is one risk. However, the more common risk is that your competition has already hired an Off-Shore team of hackers to compromise your network for all that’s its worth and when it’s ready, steal your customers (all your data) with a well-timed “news leak” putting your company on the front page of tomorrows newspaper, ouch!
Now, a little back story: In May 2015, the information of as many as 50,000 Uber drivers was leaked in a massive data breach. This month (October 2015), based on IP address tracing, Uber claimed that Chris Lambert, CTO of Lyft, their main competitor, is responsible for the breach.
The database of driver information was accessed through a security key that had been accidentally left exposed on Github, a web-hosting service, for three months by an Uber engineer. After pursuing legal action, Uber pressured GitHub into revealing the IP addresses of anyone who had visited the page and one such IP address was traced back to Chris Lambert.
Reuters reported that a Lyft spokesperson claimed the company performed its own investigation and found that “there is no evidence” that Lyft employees “had anything to do with Uber’s May data breach.” And that is possible; however, whenever I see an agency, business or politician conduct an internal investigation upon themselves, I generally feel my “B.S.” meter go off the scale. How about you? Call US ProTech right now – and let’s get started for all the right reasons.
By: Jonathan Goetsch
About US ProTech:
- Since 2001, a provider of Cyber-Security Intelligence and Services throughout the Americas and Western Europe
- Our Security & Risk Assessment Scan exceeds US Military High-Impact Baseline standards under N.I.S.T. 800-53 R4
- The Security process is one of (approx.) 50 validated by the U.S. Department of Commerce and Conforms to SCAP
- In 2014, US ProTech is awarded a foreign Presidential Administration multi-year cyber security services contract
- In 2015, US ProTech is recognized internationally and ranked in the Global Top 20 RSA security solution providers
US ProTech Basic Mitigation Strategies:
- Access credentials – including security keys – should be managed, stored, and protected securely in accordance with best practice
- Network traffic analysis to detect data exfiltration
- 24×7 Security Monitoring to provide anomaly detection
- Log management could detect external IP information from the attacker if logs are configured