Wall Street Firm Discovers Zero-day Threat

Case Study

This mid-sized technology company turned to Bitglass to test the Breach Discovery Service on behalf of its customers on Wall Street. The results were surprising.

The CTO of the firm contacted Bitglass and simply uploaded one week of firewall logs. The firm had installed a high-end “Next-Gen-Firewall,” so the logs came in three pieces: “application logs,” “unclassified URLs” and “layer 4 logs.”

Bitglass did the rest.

The Bitglass Breach Discovery Engine identified a few high-risk cloud apps on the network, a compliance risk, but there was worse.

The Bitglass Breach Discovery Engine found that ten internal IPs were contacting Malware Command and Control destinations outside the firewall. Some of the internal IPs had multiple malware infections.

As a technology service provider to high-value targets on Wall Street, the customer was the ideal back door for hackers. A hacker could inject malware into the service provider, gain access credentials to their customers, and exfiltrate high-value data without being detected. Indeed, the hackers at Target Stores gained access by stealing the access credentials of an HVAC contractor.

Once a hacker gets inside the network, even “Next-Gen” firewalls can do little. New risks and new hacks cause breaches daily, and the average breach lasts almost eight months. Bitglass’ Breach Discovery Engine tracks the latest risks to uncover breaches early so you can limit the damage.

“The Target breach showed that service providers to retail and financial services are the ideal back door to high-value targets”

—CTO, Wall Street Firm

  • Threat Intelligence
  • Scalability
  • Shadow IT