Who is Ubisoft?
Ubisoft Entertainment is a French global video game publisher and developer, and is one of the largest independent game publishers in Europe and the United States. Do you remember playing Assassin’s Creed and Price of Persia? Those were from Ubisoft.
Hacking? What Happened?
One of Ubisoft’s websites was exploited to gain unauthorized access to some of their online systems, and during this process, confidential customer account data had been illegally accessed from the account database. Usernames, email addresses and encrypted passwords have potentially been accessed, and users have been advised to change their passwords. Ubisoft has claimed that financial info, credit and debit card data, user real names and home address data were not affected. Forensics tests and analyses are happening to uncover how the attack happened.
Ubisoft is Not Alone
This type of hacking attack is becoming more common in the digital world, and technology giants such as Facebook®, Microsoft®, Apple® and Twitter® have also been the victims of similar hacking incidents in the past.
Some Scary Factoids
According to the 2013 Data Breach Investigations Report (DBIR),
- Hacking constituted 52% of breaches that happened in 2012
- 48% of hacking incidents involved authentication-based attacks and stolen credentials (guessing, cracking, or reusing valid credentials
- 66% of breaches that happened in 2012 remained undetected for months
What is the Lesson Learnt?
Organizations are NOT prepared enough to detect zero-day attacks. Only after the perpetration is made and the damage done, we come to know of the impact. The reason for this is that there’s not much real-time actionable data for IT teams to monitor. Forensics are not enough. Detecting and stopping today’s zero-day, multi-vector and blended threats requires real-time, in-memory, analytics that can capture data, and respond to network attacks and insider abuse at network speed.
Get Access to Actionable Data & Real-time Log Analytics
Actionable data is found in all the system and device log files. All security, operational and policy-driven events are captured in the log files. To be effective in network defense, and not just for forensic analysis, the network and security event data must also be analyzed and correlated in real time. Security Information & Event Management (SIEM) systems help you get real-time insight into network activity by collecting logs from various network entities and correlating them in-memory and providing meaningful incident awareness to isolate anomalous events, threat vectors and non-compliant behavior patterns.
Try SIEM, and monitor & defend your network against hacking, intrusions, breaches, data loss and other malicious security threats!