Download - Project Cumulus: How Hacks Unfold
![Page 1: Project Cumulus: How Hacks Unfold](https://reader034.vdocuments.us/reader034/viewer/2022051404/58d1d3391a28ab66108b4889/html5/thumbnails/1.jpg)
webinar
project cumulus:
how hacks unfold
![Page 2: Project Cumulus: How Hacks Unfold](https://reader034.vdocuments.us/reader034/viewer/2022051404/58d1d3391a28ab66108b4889/html5/thumbnails/2.jpg)
the experiment
■ complete online identity for a fictitious bank employee
■ created seemingly real files for Google Drive
■ convincing retail bank web portal
■ username + password leaked onto the dark web
![Page 3: Project Cumulus: How Hacks Unfold](https://reader034.vdocuments.us/reader034/viewer/2022051404/58d1d3391a28ab66108b4889/html5/thumbnails/3.jpg)
hackers move fast
■ 8 attempted logins in 24 hours
■ first file downloaded in 48 hours
■ a third of total views and logins in week one
![Page 4: Project Cumulus: How Hacks Unfold](https://reader034.vdocuments.us/reader034/viewer/2022051404/58d1d3391a28ab66108b4889/html5/thumbnails/4.jpg)
hacked once, hacked everywhere
■ victim used the same password across the web
■ 94% of hackers uncovered other accounts
■ 36% of Drive hackers successfully accessed the victim’s bank account
![Page 5: Project Cumulus: How Hacks Unfold](https://reader034.vdocuments.us/reader034/viewer/2022051404/58d1d3391a28ab66108b4889/html5/thumbnails/5.jpg)
tor usage on the rise
■ hackers came from over 30 countries
■ logins recorded from the US, Austria, Netherlands, Philippines, and Turkey
■ 68% of hackers logged into Google Drive via Tor
![Page 6: Project Cumulus: How Hacks Unfold](https://reader034.vdocuments.us/reader034/viewer/2022051404/58d1d3391a28ab66108b4889/html5/thumbnails/6.jpg)
hacker tactics
■ Tor + VPN + cryptocurrency
■ bank trojans■ card writers■ “disposable” computers
![Page 7: Project Cumulus: How Hacks Unfold](https://reader034.vdocuments.us/reader034/viewer/2022051404/58d1d3391a28ab66108b4889/html5/thumbnails/7.jpg)
a look back at “where’s your data”
![Page 8: Project Cumulus: How Hacks Unfold](https://reader034.vdocuments.us/reader034/viewer/2022051404/58d1d3391a28ab66108b4889/html5/thumbnails/8.jpg)
preventing similar breaches with a CASB
identity data-centric securitydiscovery
![Page 9: Project Cumulus: How Hacks Unfold](https://reader034.vdocuments.us/reader034/viewer/2022051404/58d1d3391a28ab66108b4889/html5/thumbnails/9.jpg)
casb identity:avoid reusing passwords, implement better authentication
■ cloud app identity management should maintain the best practices of on-prem identity
■ SSO enables cross-app visibility into suspicious access activity
■ contextual multi-factor authentication mitigates risk
![Page 10: Project Cumulus: How Hacks Unfold](https://reader034.vdocuments.us/reader034/viewer/2022051404/58d1d3391a28ab66108b4889/html5/thumbnails/10.jpg)
casb discovery:set up alerts for unusual activity
■ analyze outbound data flows to learn what SaaS apps your organization is using
■ understand risk profiles of different apps
■ essential in process of enabling secure cloud app usage
![Page 11: Project Cumulus: How Hacks Unfold](https://reader034.vdocuments.us/reader034/viewer/2022051404/58d1d3391a28ab66108b4889/html5/thumbnails/11.jpg)
casb security:granular access control and DLP
the new data reality requires a new security architecture
■ cross-device, cross-platform agentless data protection
■ granular DLP for data at rest and in motion
■ contextual access control
■ detailed logging for compliance and audit
![Page 12: Project Cumulus: How Hacks Unfold](https://reader034.vdocuments.us/reader034/viewer/2022051404/58d1d3391a28ab66108b4889/html5/thumbnails/12.jpg)
about bitglass
total data
protectionoutside the
firewall est. jan 2013
CA, NY, MA,
IL, NC12
![Page 13: Project Cumulus: How Hacks Unfold](https://reader034.vdocuments.us/reader034/viewer/2022051404/58d1d3391a28ab66108b4889/html5/thumbnails/13.jpg)
resources:
■ project cumulus report
■ project cumulus video overview
■ definitive guide to CASBs
![Page 14: Project Cumulus: How Hacks Unfold](https://reader034.vdocuments.us/reader034/viewer/2022051404/58d1d3391a28ab66108b4889/html5/thumbnails/14.jpg)
download the full project cumulus report
the bitglass research team leaked a fictitious bank employee’s credentials onto the dark web and tracked the activity that followed
download the report
![Page 15: Project Cumulus: How Hacks Unfold](https://reader034.vdocuments.us/reader034/viewer/2022051404/58d1d3391a28ab66108b4889/html5/thumbnails/15.jpg)
bitglass.com@bitglass