For more Information:
phone: (860) 513-0112
email: info@igxglobal.com
Corporate Headquarters
50 Inwood Road
Rocky Hill, CT
06067
phone: (860) 513-0112
Threat Mitigation Headquarters
785 King George Blvd. Suite D
Savannah, GA 31405
(912) 220-6664
|
The Client:
One of North America's largest independent companies for end-to-end loan and lease transactions with a platform that currently connects a community of more than 19,000 enrolled franchise and independent dealerships with more than 30 top auto finance lenders.
The Issue:
An identity thief was attempting to steal passwords from valid users with the objective of utilizing them to steal personal information from the valid site, emulated the client’s web site and created a false front-end.
The Technical Challenge:
Identify the extent of the damage, stabilize the situation, identify the attacker, and stop the attacker while not panicking the user community in the process.
The igxglobal Solution:
After addressing the clients concerns, igxglobal determined that the best approach would be to engage the Federal Bureau of Investigation (FBI) and allow igxglobal to incorporate some forensics to try to identify the attacker.
After reviewing all pertinent data, igxglobal identified some anomalies that led us to believe several logins were not legitimate. However, igxglobal required access to specific information from yahoo and hotmail to link to an identifiable source. The FBI stepped in and issued a subpoena and collected the required information, which in fact validated the suspicions and offered the source information necessary. This enabled us to identify the attacker, by both username and or IP address.
igxglobal recommended an aggressive course of action to the client, which included new Access Control Firewall Appliances, since the old units belonged to an unresponsive managed service provider, an Intrusion Detection System, as well as Honeypot services for redirection of the attacker to a mock site with useless content. All of this had to be implemented in a single overnight window of six hours at the client's co-location facility.
The implementation went smoothly and within two days the attacker's entire attempt at accessing the mock site was collected and logged. With this information the FBI had an actual felony offense, which it could precede with indictment charges. After some investigation by a team of igxglobal and FBI agents, the attacker's identity was uncovered and search warrant was issued. It was also discovered that this was not the attacker's first attempt at identity theft.
The Result:
Thanks to a great deal of teamwork, the attacker was stopped prior to accessing any valid content and the privacy of no individual was at any point compromised. igxglobal continues to work with the client to implement both technology and a process based security approach to maintain the privacy of their clients and users.
|
|
