Breaking Insider Threat News: Dtex Detects Chinese National Yi Zheng’s Attempt to Steal Data From Major Financial Services Provider

Breaking Insider Threat News: Dtex Detects Chinese National Yi Zheng's Attempt to Steal Data From Major Financial Services Provider

https://dtexsystems.com/wp-content/uploads/2018/11/Blog-Inner-Weekly-News-Round-Up.jpg

Wealth management company AMP, based in Australia and New Zealand, told The Australian that the Dtex Advanced User Behavior Intelligence Platform played a key role in helping to detect illegal data exfiltration attempts by one of its former contractors, Chinese National Yi Zheng. According to The Australian:

Yi Zheng, 28, downloaded documents including passport and driver’s licences from 20 different customers at AMP and sent them to his personal email account in October last year.

He then attempted to install a “darkweb” internet browser on his AMP laptop in December using an external USB storage device, which caused security software program Dtex to automatically alert Cyber security staff.

Thanks to successful detection efforts and the work of AMP’s cybersecurity staff, the malicious insider didn’t get away with the attempted crime. According to the news:

The Chinese national was arrested by the NSW Border Force officers as he tried to flee the country with his wife and six-month-old baby by boarding a flight to China around midday on January 17.

It’s widely known that malicious insider threats like Zheng are the cause behind a significant number of data thefts and breaches annually. Dtex frequently enables its customers in the financial services industry to detect such events BEFORE they escalate into catastrophes, as was the case at AMP.

“We work closely with all of our customers to make sure their deployments are providing them with the visibility needed to detect and prevent insider threats,” said Mohan Koo, Dtex Systems co-founder and CTO. “The success in this case shows that insider threats can be detected and neutralized before they develop into mega breaches that can result in damaging losses for organizations. Having caught Zheng in time, AMP demonstrated that the right combination of technology and talent can stop malicious actors before it's too late.”   

Learn more about how frequently malicious insiders attempt to circumvent security controls by using VPNs and how Dtex identifies such behaviors in the Dtex 2018 Insider Threat Intelligence Report.

Access the article from The Australian: Chinese contractor pleads guilty to AMP data breach