Data breaches, successful cyberattacks, and hacking events are often shrouded in silence.
Beyond the bare-bones facts, it is often difficult for companies that have become victims of such crimes -- as well as the external cybersecurity experts who perform forensics and damage control afterwards -- to admit to more than they have to.
Legal ramifications, prized reputations which may take a beating, and protective non-disclosure agreements often mean that very little is shared publicly about how a security incident was able to take place, the timelines involved, or any of the gritty, contextual details.
If we are going to learn how to better defend corporate networks from cyberattacks in the present and the future, communication and being able to learn from each other's mistakes are key.
While anonymized, Verizon's new 2018 Data Breach Digest[1] (DBD) contributes towards this goal and also gives us a look into how cyberforensics teams tackle data breaches.
In this year's edition, there are some interesting stories of note which demonstrate trends in malware usage, modern attack vectors, and also the mistakes companies make which can cost them dearly after a cybersecurity incident has taken place.
The peeled onion[2]
In a case known as the peeled onion, Verizon security researchers -- the VTRAC Investigative Response team -- tracked a set of cybersecurity incidents connected through the use of cryptocurrency-related malware.
The malware would hijack the CPUs and graphics hardware of infected systems to covertly mine cryptocurrency, such as Ethereum or Monero, a practice known as cryptojacking.
According to Verizon, the majority of cases involved the illicit mining of Monero and Zcash.
In one customer's case, alerts suggesting suspicious network behavior were originating from corporate firewalls.