How the security incident happened at CloudSEK and what we can learn from them


What is incident response?

Incident response (sometimes called cybersecurity incident response) is an organization’s set of systems and procedures for detecting and responding to cyberthreats, security breaches, and cyberattacks. The goal of incident response is to prevent cybercrime before it happens and to minimize the cost and business disruption caused by any cybercrime that does occur.

An enterprise should implement a formal incident response plan (IRP) that defines how all types of cyberattacks are to be identified, contained, and resolved. An effective incident response plan lets cybersecurity teams identify and eliminate threats faster, thereby minimizing the associated costs of lost revenue, regulatory fines, and downtime.

What happened in CloudSEK?

Recently, the well-known cybersecurity company CloudSEK was breached, and the attacker also stole data from the company.

A CloudSEK employee’s Jira password was compromised and used to gain access to the company’s internal Confluence pages. The attacker obtained some internal details, such as screenshots, bug reports, customer names and schema diagrams, says the company’s CEO, Mr. Rahul Sasi.

He also said that the suspected party behind the attack is a notorious cybersecurity company engaged in dark web monitoring, and that the attack and its indicators connect back to an attacker with a notorious history of using similar tactics that have been observed in the past.

A threat actor, ‘sedut’, joined multiple cybercrime forums on 5th and 6th December, claiming to have access to CloudSEK’s networks, which allegedly led to the compromise of XVigil, the codebase, email, JIRA and social media accounts. The attacker has zero reputation on the dark web and created the dark web market account specifically to post CloudSEK-related information.

Here is a screenshot of the dark web page:

Here is a screenshot of the conversation between the buyer and the hacker who posted the advertisement:

The company has also admitted publicly that it lost valuable information: customer names, customer POs for 3 companies, multiple screenshots of product dashboards, and the source code of an automation system.

Here is a screenshot of the lost data:

Also, here’s a screenshot of their in-house discussion in the company dashboard:

Previous Attacks on Cyber Security Companies

When a major organization suffers a security breach, it always makes the headlines. But when a cybersecurity company suffers one, it creates panic.

Here are past data breaches similar to CloudSEK’s:

  • In June 2015, Kaspersky reported that its own network had been infiltrated by government-sponsored malware. The security firm revealed the hack in a blog post from founder Eugene Kaspersky, who said that the thinking behind the attack was a generation ahead of anything the firm had seen before.
  • Like Kaspersky, LastPass took an upfront approach to its hack, disclosing what happened. LastPass, a third-party service that stores many users’ passwords, is an obvious target for hackers: a centralised database of passwords could be a devastating tool in the hands of an attacker.
  • The Romanian cybersecurity firm Bitdefender was targeted by a hacker who possibly compromised 400 million customers’ accounts. The company refused to pay the ransom, and details of several customers were leaked online by DetoxRansome, the hacker.
  • Cyberoam revealed in January 2016 that it had been hit right at the end of 2015 with a hack that may have resulted in the leakage of a database containing customer and partner personal details.

What are the other types of security breaches?

There are a number of types of security breaches, depending on how access to the system was gained:

  1. An exploit takes advantage of a system vulnerability, such as an outdated operating system. Legacy systems that have not been updated, for example systems in stores still running unsupported versions of Windows, are particularly vulnerable to exploits.
  2. Weak passwords are easy to crack or guess. Still, some people continue to use the password “password”, and “pa$$word” isn’t much safer.
  3. Attacks such as phishing emails rely on a single worker’s susceptibility to start a malware infection. It only takes one employee clicking a link in a phishing email for an infection to begin spreading throughout the network.
  4. Drive-by downloads deliver viruses or malware through a compromised or spoofed website.
  5. Social engineering can also be used to gain access. For instance, an intruder calls an employee, claims to be from the IT helpdesk, and asks for the employee’s password in order to ‘fix’ the computer.

Different techniques have been used to gain access to networks; as with Yahoo, a phishing attack was used in Facebook’s intrusion.

What to do if you experience a security breach

Remember that a security breach on one account could mean that other accounts are also at risk, especially if they share passwords or if you regularly make transactions between them.

  • If a breach could involve your financial information, notify any banks and financial institutions with which you have accounts.
  • Change the passwords on all your accounts. If there are security questions and answers or PIN codes attached to the account, change these too.
  • Consider a credit freeze. This stops anyone from using your data for identity theft or borrowing in your name.
  • Check your credit report so that you know if anyone is applying for debt using your details.
  • Try to find out exactly what data might have been stolen. That will give you an idea of the severity of the situation. For instance, if tax details and SSNs have been stolen, you’ll need to act fast to ensure your identity isn’t stolen; this is more serious than simply losing your credit card details.
  • Don’t respond directly to requests from a company for personal data after a data breach; it could be a social engineering attack. Take the time to read the news, check the company’s website, or even phone its customer service line to confirm that the request is legitimate.
  • Be on your guard for other types of social engineering attacks. For instance, a criminal who has accessed a hotel’s accounts, even without financial data, could ring customers asking for feedback on their recent stay. At the end of the call, having established a relationship of trust, the criminal could offer a refund of parking charges and ask for the customer’s card number in order to make the payment. Most customers probably wouldn’t think twice about providing those details if the call is convincing.
  • Monitor your accounts for signs of any new activity. If you see transactions that you don’t recognize, address them immediately.

How to protect yourself against a security breach

Although no one is immune to a data breach, good security habits can make you less vulnerable and help you get through a breach with less disruption. These tips should help you prevent hackers from breaching your personal security on your computers and other devices.

  • Use strong passwords that combine random strings of upper- and lower-case letters, numbers, and symbols; they are far more difficult to crack than simpler passwords. Don’t use passwords that are easy to guess, such as family names or birthdays. Use a password manager to keep your passwords secure.
  • Reduce your exposure to a security breach by closing accounts that are no longer in use. An account you don’t need serves no purpose for you, but it can open a huge door to your other accounts.
  • If you’re getting rid of a laptop or computer, thoroughly wipe the old hard drive with a data destruction program rather than merely deleting files. Such a program overwrites all previous information on the disk drive, so your data is completely destroyed even before the operating system is reinstalled.
  • Back up your files. Some security breaches render files unreadable, and a ransom must be paid to make them accessible again. If there is a separate backup on a removable storage device, your files remain safe in the event of a breach.
  • Beware of clicking links in unsolicited emails. If you receive an email that claims to contain messages from your contacts, be skeptical before opening it. Pay attention to attachments and links as well, and scan them with anti-virus software before opening them.
  • Apply what you know about protecting your information to situations where that information isn’t required. An auction site doesn’t need your Social Security number, and a business journal shouldn’t have your date of birth.
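The breach-type list above notes that “pa$$word” is barely stronger than “password”, and the tip above asks for strong passwords. The following added example (not code from the original article or from Terraeagle) shows how a defender-side password policy check catches disguised dictionary passwords: it lower-cases the candidate, strips a trailing year or punctuation, reverses common symbol-for-letter swaps, and only then compares it against a blocklist, while also enforcing length and character-class rules. The small blocklist, the leet-substitution table and the thresholds are constructed for the example; a real deployment would load a large published list of breached passwords.

```python
import re

# Constructed sample of commonly used passwords (assumed data for this example);
# a real deployment would load a large published breach corpus instead.
COMMON_PASSWORDS = {
    "password", "123456", "qwerty", "letmein", "welcome", "admin", "iloveyou",
}

# Symbol-for-letter swaps that cracking wordlists undo as a matter of course,
# so the check undoes them too before comparing against the common list.
LEET_MAP = str.maketrans({
    "$": "s", "@": "a", "0": "o", "1": "i", "!": "i", "3": "e", "4": "a",
    "5": "s", "7": "t",
})

MIN_LENGTH = 12         # minimum length for a mixed-character password (assumed policy)
PASSPHRASE_LENGTH = 20  # at or above this length, composition rules are not applied

CHARACTER_CLASSES = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")


def normalize(password: str) -> str:
    """Reduce a password to the dictionary word it is probably based on.

    Lower-cases, drops a trailing run of digits/symbols (e.g. a '2023!' suffix),
    then reverses common symbol-for-letter substitutions.
    """
    lowered = password.lower()
    stripped = re.sub(r"[^a-z]+$", "", lowered) or lowered
    return stripped.translate(LEET_MAP)


def check_password(password: str) -> list[str]:
    """Return the reasons a password is weak; an empty list means it passed."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    normalized = normalize(password)
    if password.lower() in COMMON_PASSWORDS or normalized in COMMON_PASSWORDS:
        problems.append(f"is a disguised form of the common password '{normalized}'")
    if len(password) < PASSPHRASE_LENGTH:
        # Long passphrases are exempt from composition rules; short passwords are not.
        classes = sum(bool(re.search(p, password)) for p in CHARACTER_CLASSES)
        if classes < 3:
            problems.append("uses fewer than three character classes")
    if re.fullmatch(r"(.)\1*", password):
        problems.append("repeats a single character")
    return problems


def is_acceptable(password: str) -> bool:
    """True when the password passes every rule in check_password."""
    return not check_password(password)


if __name__ == "__main__":
    for candidate in ("password", "pa$$word", "P@ssw0rd2023!",
                      "correct horse battery staple 42"):
        verdict = check_password(candidate)
        print(f"{candidate!r}: {'OK' if not verdict else '; '.join(verdict)}")
```

The point of the normalization step is that an attacker’s wordlist already contains “pa$$word”, “P@ssw0rd” and “Password2023!” as trivial mutations of one base word, so a policy that compares only the raw string against a blocklist rejects none of them.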

How Terraeagle Can Help You Solve Data Breaches

From detection to prevention, Terraeagle’s approach is redefining security for the cloud era with an endpoint protection platform built from the ground up to stop breaches.

Terraeagle uniquely enables and delivers these elements via a cloud-native architecture to meet the speed, flexibility, and capacity required to fend off modern attackers and stop cloud breaches. It delivers a single lightweight agent for prevention, detection, threat hunting, response, remediation, and cloud security posture management and hygiene. The option to be fully managed 24/7 by Terraeagle security experts is also available.

Terraeagle’s single lightweight-agent architecture leverages cloud-scale artificial intelligence (AI) and offers real-time protection and visibility across the enterprise, preventing attacks on endpoints on or off the network.

Found this article interesting? Follow Terraeagle on Facebook, Twitter and LinkedIn to read more exclusive content we post.
