Chapter 2

The 2014–2015 Anthem Blue Cross and Blue Shield Break-In Case Study

Anthem has stated that its systems were entered during December 2014–January 2015. Anthem is an insurance company. It has 12 state Blue Cross and Blue Shield healthcare insurance companies, a life insurance company, and a number of affiliated companies. It seems clear, however, that this unauthorized entry occurred between January 2014 and April 2014 (Brian Krebs, Krebs on Security Blog, February 9, 2015). We believe that the attackers are based in Shanghai, China, and are loosely aligned with the Chinese military. They have a mature set of tools, are exceptionally skilled, and intend to gain a persistent, long-term presence in the systems that they enter. ...

