Categories: BlogMedia Coverage

eMazzanti in the News – CRN

Arrow Was The Target: Criminals Impersonate Executive, Transfer Money To Outside Bank

NEWS, ANALYSIS AND PERSPECTIVE FOR VARs AND TECHNOLOGY INTEGRATORS

crn.com February 4, 2016

By Michael Novinson on February 4, 2016, 3:56 pm EST

Criminals recently managed to impersonate an Arrow Electronics executive, prompting the unauthorized transfer of money from the distributor to outside bank accounts in Asia.

The Centennial, Colo.-based distributor said the criminal fraud will cost the company $13 million in the first quarter of 2016, according to a report filed Thursday with the U.S. Securities and Exchange Commission.

Arrow determined Jan. 22 that it had been targeted, and investigations and legal actions were subsequently launched both internally and by law enforcement. Although the investigation is still ongoing, Arrow said findings thus far indicate the event was isolated and not associated with either a security breach or loss of data.

The ultimate findings and conclusion date of the investigation are still uncertain, according to Arrow. A company spokesman declined to answer additional questions about the attack.

Arrow was most likely the victim of a privileged account attack, where hackers try to break into the accounts of IT leaders or C-suite executives in hopes of disrupting operations or gaining access to proprietary information, according to Jane Wright, a senior analyst focused on security at Technology Business Research.

“This does seem like a significant attack to me,” Wright said.

Privileged account attacks are quite common but are rarely successful at a company as large as Arrow, according to Carl Mazzanti, CEO of Hoboken, N.J.-based solution provider eMazzanti Technologies. Regularly resetting passwords and uncovering common vulnerabilities through penetration testing are some of the best ways to protect against such an attack, Mazzanti said.

In fact, Mazzanti said he received a “super uncommon” request Thursday from other IT distributors (Mazzanti doesn’t work with Arrow) asking him to manually reset his passwords, which he suspects might be a precaution once news of the Arrow attack became public.

Hackers have increasingly turned their focus to breaking into C-suite or line-of-business executive accounts in hopes of stealing unpatented intellectual property such as blueprints or product plans. Wright said, in her experience, going after intellectual property is more common than what happened in Arrow’s situation with actual funds being stolen.

Arrow’s statement about the lack of a security breach or data loss is consistent with a privileged attack, she said, where the attack is isolated and the attacker has no interest in persisting as part of the company infrastructure.

“They’ve chosen one company, one executive, for one purpose,” said Wright, noting that privileged account attackers have a “get in, get out” mentality.

The $13 million charge Arrow reported is significantly higher than the financial loss from most privileged account attacks, which Wright said typically comes in at around $2 million to $3 million since businesses usually are able to shut off the loss of money very quickly.

“Every minute you’re under attack, you’re losing more money,” Wright said.

It’s quite common for hackers to cross state or national borders – as was the case when Arrow’s attackers moved the money into Asian bank accounts – since that increases the complexity of responding by forcing multiple law enforcement agencies to work together.

The FBI is fairly successful in bringing down hackers, Wright said, although their successes are often not publicized. That’s because law enforcement doesn’t want to reveal the full extent of their capabilities since that will prompt future hackers to pursue different attack vectors.

“It [bringing down hackers] happens a lot more than we read in the media,” Wright said.

View article online.

 

Cloud Services New York City

Recent Posts

Shared Mailbox vs. Regular Mailbox in Microsoft Exchange

Microsoft Exchange provides multiple ways to control email communication in a business. Shared Mailboxes and…

2 days ago

Remote Work Rising: The New<br>Way We’ll Work

Remote working was once a niche specialty, only used by tech-savvy and freelancers. But in…

2 days ago

The Role of Print Servers In<br>An Organization

While we live in a digital age, print is still a staple for many businesses.…

2 days ago

Implementing Anti-Spoofing Rules for Email Protection

Increasingly, email communication is playing a pivotal role in business operations, facilitating collaboration, customer engagement,…

3 days ago

The Comprehensive Benefits of MSP Management for Servers, Exchange, O365, VPN, and Networks

As the digital landscape evolves, businesses of all sizes face the challenge of managing complex…

3 days ago

Cost-Benefit Analysis of On-Premises Network/Server Infrastructure vs. Azure-Based Cloud Infrastructure

In the evolving landscape of information technology, businesses constantly seek the most efficient and cost-effective…

3 days ago