Authorities arrested four in Israel and Florida, and disclosed a securities fraud scheme tied to the JP Morgan Chase hack. Security experts from VASCO Data Security and STEALTHbits commented on the re JP Morgan Hack Arrests.
John Gunn, VP of Communications, VASCO Data Security :
“Giving these low-level scammers credit for the JPMorgan compromise is analogous to saying that the small-time drug dealer on the corner is a leader of a Mexican drug cartel. If there is a connection, it’s that these guys simply purchased compromised email addresses, of which there are more than a billion available on the dark net, and used them to commit fraud. There is really nothing novel about this, but it does underscore the far-reaching and long-lasting risks generated by any major breach.”
Kevin Foisy, Chief Software Architect and Co-Founder, STEALTHbits :
“In the world of cybercrime, spotting the bad guy is tough. In many cases, companies don’t even know they’ve been breached. Unlike the physical world where the safe is emptied and the jewels are gone, in the cyber world the assets are stolen but they’re still there.
“But, like in a game of clue, evidence is left behind and security software is getting better and better at piecing the clues together in real time; records in millions of lines of logs are analyzed and analytics engines look for unusual patterns of behavior; a race to detect and prevent the loss from ever happening.
“If the company knows that they’re under attack then measures can be taken to trace and identify the perpetrator or just shut it down, but if you’re dealing with nothing more than after-the-fact records in log files, then usually the best you can hope for is to trace it to a part of the world that it happened in.”