Categories: BlogMedia Coverage

eMazzanti in the News – CRN

Arrow Was The Target: Criminals Impersonate Executive, Transfer Money To Outside Bank

NEWS, ANALYSIS AND PERSPECTIVE FOR VARs AND TECHNOLOGY INTEGRATORS

crn.com February 4, 2016

By Michael Novinson on February 4, 2016, 3:56 pm EST

Criminals recently managed to impersonate an Arrow Electronics executive, prompting the unauthorized transfer of money from the distributor to outside bank accounts in Asia.

The Centennial, Colo.-based distributor said the criminal fraud will cost the company $13 million in the first quarter of 2016, according to a report filed Thursday with the U.S. Securities and Exchange Commission.

Arrow determined Jan. 22 that it had been targeted, and investigations and legal actions were subsequently launched both internally and by law enforcement. Although the investigation is still ongoing, Arrow said findings thus far indicate the event was isolated and not associated with either a security breach or loss of data.

The ultimate findings and conclusion date of the investigation are still uncertain, according to Arrow. A company spokesman declined to answer additional questions about the attack.

Arrow was most likely the victim of a privileged account attack, where hackers try to break into the accounts of IT leaders or C-suite executives in hopes of disrupting operations or gaining access to proprietary information, according to Jane Wright, a senior analyst focused on security at Technology Business Research.

“This does seem like a significant attack to me,” Wright said.

Privileged account attacks are quite common but are rarely successful at a company as large as Arrow, according to Carl Mazzanti, CEO of Hoboken, N.J.-based solution provider eMazzanti Technologies. Regularly resetting passwords and uncovering common vulnerabilities through penetration testing are some of the best ways to protect against such an attack, Mazzanti said.

In fact, Mazzanti said he received a “super uncommon” request Thursday from other IT distributors (Mazzanti doesn’t work with Arrow) asking him to manually reset his passwords, which he suspects might be a precaution once news of the Arrow attack became public.

Hackers have increasingly turned their focus to breaking into C-suite or line-of-business executive accounts in hopes of stealing unpatented intellectual property such as blueprints or product plans. Wright said, in her experience, going after intellectual property is more common than what happened in Arrow’s situation with actual funds being stolen.

Arrow’s statement about the lack of a security breach or data loss is consistent with a privileged attack, she said, where the attack is isolated and the attacker has no interest in persisting as part of the company infrastructure.

“They’ve chosen one company, one executive, for one purpose,” said Wright, noting that privileged account attackers have a “get in, get out” mentality.

The $13 million charge Arrow reported is significantly higher than the financial loss from most privileged account attacks, which Wright said typically comes in at around $2 million to $3 million since businesses usually are able to shut off the loss of money very quickly.

“Every minute you’re under attack, you’re losing more money,” Wright said.

It’s quite common for hackers to cross state or national borders – as was the case when Arrow’s attackers moved the money into Asian bank accounts – since that increases the complexity of responding by forcing multiple law enforcement agencies to work together.

The FBI is fairly successful in bringing down hackers, Wright said, although their successes are often not publicized. That’s because law enforcement doesn’t want to reveal the full extent of their capabilities since that will prompt future hackers to pursue different attack vectors.

“It [bringing down hackers] happens a lot more than we read in the media,” Wright said.

View article online.

 

Cloud Services New York City

Recent Posts

The Executive’s Guide to Security Operations Center Models

Cyber threats never take a day off, never clock out and go home at the…

3 days ago

Introduction to Azure Services

Building, deploying, and managing applications via Microsoft's global network of data centers is easier with…

3 days ago

Introduction to Microsoft Copilot

Microsoft Copilot is a tool, powered by AI, that aims to boost your productivity within…

4 days ago

Project Management: Why is it important?

Making things happen is the art and science of project management. The process involves managing…

1 week ago

Enhancing Website Performance and User Experience Through Caching Strategies

In today's fast digital life, website performance is important, as it holds visitors and ensures…

1 week ago

Protecting Municipal Data: Security Tips for City Officials

The FBI reported that cyber attacks against government facilities saw an increase of almost 36…

1 week ago