It’s getting harder for organizations to identify the extent of damage incurred from a cyberattack – after the initial shock wave of panic anyway. You don’t want it to be difficult to trace the origins of an attack when the frequency of breaches is as rampant as it is today. Data breaches are more of an eventuality than a possibility.
Ask CISOs how long it takes them to identify the blast radius of a breach, and the average response you’ll get is, at best, ‘hours.’ But ‘hours’ isn’t fast enough today. Just a single hour is all it takes for an attacker to pivot across infrastructure to access highly sensitive resources.
If the repeated Internet Archive breaches taught us anything, it’s how damaging exposure of the wrong information can be. Hackers used exposed access tokens from previous incidents to penetrate the organization’s Zendesk implementation. These API keys, left static since the original breach, provided hackers with easy access to over 800,000 support tickets. To add insult to injury, the hackers started replying to old support tickets criticizing the Internet Archive for failing to rotate these keys.
Unfortunately, how often we keep seeing these incidents is a symptom of how complex IT infrastructure has become. Finding out who breached your data, where, and how is often headache-inducing. This largely stems from how extremely fragmented identity silos have become, and the pile of identities needing management just keeps growing. Access relationships between resources are fragmented too. This fragmentation of access and security models makes organizations vulnerable to human error.
What would fix this? A new cybersecurity paradigm – one without static credentials, eliminating the attack surface targeted by threat actors. Companies can further harden their security by shifting their access model from role-based authentication to attribute-based authentication.
The complexity of identity management
Microsoft’s recent report identified over 600 million identity attacks in its 2024 fiscal year alone. If you’re wondering why that number is so high, it’s because humans make it easy. We leave credentials like passwords, browser cookies, and API keys lying around in the most obvious places. Further, long-lived, stale privileges allow a bad actor to pivot from their initial breach to other destinations on a network.
This makes it only a matter of time before a user inadvertently reveals too much information or prior credentials. Hackers are ready to pounce on these mistakes. We saw this happen with the initial Internet Archive breach, where an exposed GitLab configuration file contained an authentication token that enabled hackers to download the Internet Archive’s source code, which included additional credentials.
It also doesn’t help that access is often managed in completely different ways across Kubernetes clusters,
Read full post on Tech Radar