Hacks to Cloud Accounts of Technology and Aviation Companies Demonstrate a Different Threat Model – the Parasite

Wake up C-suite!

SC Media writer Bradley Barth reported in January on instances where hackers were able to hijack cloud accounts of high-tech and aviation firms and stay hidden. This type of advanced persistent threat has been plaguing companies in critical infrastructure industries in the US for years.

Companies need better and more complex security, even within cloud platforms. Traditional methods of security are quickly becoming obsolete. For example, VPN technologies provide a decent level of security, but since most rely on password-challenge or certificate-based authentication, they do not have proper identity management safeguards in place. As a replacement for traditional VPN architectures, zero-trust security models are quickly becoming the preferred method of securing internal corporate resources.

By implementing a zero-trust architecture, companies can quickly deploy additional methods of authentication, such as smart cards, biometrics, and other layers of identity management that are more modern than those traditional VPNs have provided in the past (such as SMS). In addition, zero-trust architectures are more tightly integrated with corporate directories and identity management systems, which makes them more secure and easier to manage.

What is most concerning, and the biggest hurdle, is the lack of buy-in from executives to strategically invest in adequate cybersecurity. It is foolish to wait until a breach to get serious about properly securing corporate assets and client data. Cybersecurity needs to be proactive within businesses, so that risk mitigation and breach prevention are in place before hacks occur. Security protocols, from the seemingly innocuous, such as login instructions, SOPs and other pertinent onboarding information, all the way to disaster recovery, need to be factored into the cybersecurity plan.

Gone are the days when adversaries would blatantly attack you and disrupt your operations. Now they are focused on infiltrating highly valuable data for as long as possible. It is more important than ever to identify the scope of corporate data and put procedures in place to monitor and mitigate even the smallest incursions into corporate networks.

 

 
