Why do people rob banks? According to debonair American bank robber Willie Sutton, “because that's where the money is.”
Cybercriminals think the same way about the enterprise database, and they do not need a gun.
The Cyberextortionist Case of Express Scripts
There are different ways cybercriminals can attempt to monetize their theft. In a current case involving St. Louis-based Express Scripts, a breacher is demanding an undisclosed ransom for the company’s data. Express Scripts has put the pressure back on the thief by offering a $1 million reward for his or her capture.
How did Express Scripts find out about the breach? According to its web site, the extortionist sent Express Scripts a letter with a sample of 75 customer records back in October of 2008. The letter also threatened to publicly expose millions of the company’s members’ records if the extortion demand was not met.
Lessons Learned
It is unclear which data security policies were in place at Express Scripts. No security system is perfect. Still, this story paints a picture of why organizations can't be proactive enough about assessing data vulnerabilities and monitoring for breaches.
By assessing vulnerabilities, enterprises can see where the security holes exist. You can bet that when a bank robber is looking for the easiest way to rob a bank, he or she looks for the weak spots. A data thief does the same thing. And by monitoring for threats, organizations can be alerted to any breach as it happens.
As a side note, I wonder where Willie Sutton would focus his efforts today.
