Written By Chuck McAuley And Presented By Chuck Leaver Ziften CEO
Endpoint Security Is The Best Friend For Adult Friend Finder
Adult Friend Finder, an online “dating service” and its affiliates were hacked in April. The leaked information included charge card numbers, usernames, passwords, dates of birth, address details and personal – you know – preferences. What’s typically not highlighted in these cases is the monetary value of such a breach. Numerous would argue that having an e-mail address and the associated data might be of little worth. Nevertheless, the same way metadata collection provides insight to the NSA, this type of info supplies opponents with plenty of leverage that can be utilized against the public. Spear phishing ends up being a lot easier when cyber attackers not only have an email address, but also place, language, and race. The source IP addresses gathered can even provide pinpoint street locations for cyber attacks.
The attack approach deployed in this instance was not released, but it would be fair to assume that it leveraged a kind of SQL Injection attack or comparable, where the data is wormed out of the back-end database through a flaw in the webserver. Another possible mechanism might have been pirating ssh keys from a compromised admin account or github, however those tend to be secondary for the most part. In either case, the database dump itself is 570 megabytes, and assuming the data was exfiltrated in a couple of big transactions, it would have been very noticeable on a network level. That is, if Adult Friend Finder were using a solution that provided visibility into network traffic.
Ziften ZFlow ™ allows network visibility into the cloud to catch aberrant data transfers and credit to particular executing processes. In this case, the administrator would have had two opportunities to discover the irregularity: 1) At the database level, as the data was extracted. 2) At the webserver level, where an abnormal amount of traffic would be sent to a specific address. Organizations like Adult Friend Finder must gain the essential endpoint and network visibility required to secure their clients’ personal data and “hook up” with a business like Ziften.