Wall Street Tech Firm Uncovers Breach with Bitglass

Case Study

This mid-sized technology company tested Bitglass' ability to detect breaches on behalf of its customers on Wall Street. The results were surprising.

The CTO of the firm contacted Bitglass and simply uploaded one week of firewall logs. The firm had installed a high-end next-gen firewall, so the logs came in three pieces--application logs, unclassified URLs, and layer 4 logs.

Bitglass did the rest. Its solution identified a few high-risk cloud apps on the network that represented compliance risks--but there was worse news.

Bitglass found that ten internal IPs were contacting malware command and control destinations outside the firewall. Some of the internal IPs had multiple malware infections.

As a technology service provider to high-value targets on Wall Street, the customer was the ideal back door for hackers. A hacker could inject malware into the service provider, gain access credentials to its customers, and exfiltrate high-value data without being detected. Indeed, the hackers who breached Target stores gained access by stealing the access credentials of an HVAC contractor.

Once a hacker gets inside the network, even “next-gen” firewalls can do little. New risks and new hacks cause breaches daily, and the average breach lasts almost eight months. Bitglass tracks the latest risks to prevent breaches and quickly uncovers those that have already occurred so that you can limit the damage.

“The Target breach showed that service providers to retail and financial services are the ideal back door to high-value targets”

—CTO, Wall Street Firm