535 Connecticut Ave. Suite 104
Norwalk, CT 06854
Empire State Building
350 Fifth Avenue, 59th fl.
New York City, NY 10118

Featured Article

November 18, 2017

Cloud Servers Leak Data from Verizon, Viacom and Now The Pentagon

There is a perception among many in the business and tech community that the cloud is somehow inherently secure. More so than local servers. The reality is cloud-based servers are attacked as often as any other server and large cloud vendors are big targets for hackers.

As a general rule of thumb, the more valuable the data, the more resources will be thrown at hacking it. It doesn’t matter really, where the information is stored. Really well-known clouds, as you would expect are bigger targets.

Knowing this is the case, it is really scary to see data left in the cloud unsecured. Technically, it is the same as leaving it unsecured anywhere on the internet but as we’ve noted, there are more people looking on clouds than on the typical small business few have heard of.

To date, archives of unsecured data have been found from the following companies:  ViacomVerizonTigerswanDow JonesDeep Root Analytics, and Booz Allen.

Now, the Pentagon has become part of this list. A third party contractor has leaked 1.8 billion scraped social media posts – many from Americans. The goal of scraping these posts seems to be related to national security as many are in languages where large amounts of terrorism takes place or from countries funding it such as Iran.

“Once alerted to the unauthorized access, CENTCOM implemented additional security measures to prevent unauthorized access,” CENTCOM spokesman Major Josh Jacques told PC Mag. “... The information you are asking about is not sensitive information. It is not collected nor processed for any intelligence purposes.”

This embarrassment for US national security follows on the heels of the data breach  at TigerSwan and TalentPen which exposed thousand of secret government applicants. Quite often the root cause of leaving data unsecured or systems unpatched and subsequently vulnerable is a single point of failure.

It’s why we advise clients to performing auditing and documentation on an annual basis at least. We have found every company we have performed such an audit for has had holes they were unaware of. Equipment which was not patched for months or years or firewalls which have been misconfigured or misplaced on the network.

Here is a more complete list of areas all organizations looking to promote a cybersecurity culture need to focus on:

1.    Cybersecurity training must be done regularly.

2.    Auditing and documentation must be performed regularly to ensure systems are secure.

3.    Anomaly detection should be running constantly to detect threats as they emerge.

4.    Penetration testing shows if systems can easily be reached from the outside. Here is a case where this test might have saved two company’s’ reputations from being destroyed.

5.    Network forensics for when a breach eventually occurs. The bad guys always seem to get in eventually.

6.    An action plan to follow when a breach does occur. Once it happens, few will have the clear heads needed to “wing it” correctly. Equifax botched it’s response in what is being called a PR catastrophe.

To ensure your organization is safe – even if you have internal IT, hire an experienced MSP or MSSP like Apex Technology Services to regularly check your systems.





Comments powered by Disqus

Related Articles