Armand here, RPost’s product evangelist armadillo. Yes, today we’re hearing about yet another reputational crisis at AT&T, due to the new SEC reporting requirements for companies that have a material breach. Let’s hope you share this message so you can learn from their challenges.
Again, AT&T customer data has been siphoned off, as reported in Tech Crunch, by cybercriminals who accessed a user account in a third-party data analysis cloud (Snowflake).
Systems like Snowflake are used to glean insights from data, for example, relationships from back-and-forth communications related to text message patterns combined with geo-location elements from cell tower data related to each message transmission.
This is what the cybercriminals have now, for more than 100 million users (for all calls and texts over a period of recent time).
How could AT&T have pre-empted this issue?
One important tactic is identifying which staff or external parties that staff communicate with have compromised email accounts that provide the cybercriminals the context and insights to build their hyper targeted attack.
Better said, “It’s better to identify the cybercriminal while they are STAGING their attack versus after they have begun their targeting!”
Wouldn’t AT&T have liked to know about the impostor communications that were going on related to some staff with this cybercriminal reported to be in Turkey, in advance?
Yes! Yes! (And since yes, I’ll assume AT&T will ask RPost to enable RPost’s Eavesdropping™ AI today, so they can thwart the next attempt…)
Eavesdropping™ AI essentially lets the RPost customer eavesdrop on the cybercriminal eavesdroppers. It’s a sort of Spy vs. Spy scenario. You are able to, with RPost, spy on them spying on you!
Eavesdropping™ AI by RPost provides a social graph of activities related to a sender and a recipient and all those devices and humans that interact with the email from transmission through replies, forwards, etc.
The social graph is analyzed for threats based on anomalous activities related to the sender's defined risk profile of expected activities. The social graph is expanded in the data structure of RPost to include all senders, all recipients and all those follow-on humans and devices (via replies, forwards, CDNs, etc.) that touch all email, documents, transfers and transactions.
This social graph data is analyzed against internal/external databases to generate insights. These insights are parsed against the user, user group, or company risk profile to determine high risk (vs. low risk) activities.
The result is reported to the user and/or admin so they can take appropriate action; the result, if determined to be high risk, is fed into AI Auto-Lock™ tech to trigger pre-emptive locking of message, document, data room, file share, and eSign transactions.
Eavesdropping AI is part of the RPost PRE-Crime™ suite. Learn more.
September 03, 2024
August 30, 2024
August 23, 2024
August 16, 2024
August 09, 2024
Blog