Cisco Talos believes that the recent wave of data breaches among Snowflake customers will not remain an isolated incident unless companies learn the right lessons from it.
The snowball started rolling in early June when a major Spanish bank and Ticketmaster reported a security incident. A wave of data breaches soon followed, with Snowflake unwittingly emerging as the common thread. It is estimated that at least 165 companies have been hacked, and the hackers are trying to extort a ransom for the stolen Snowflake data.
Snowflake was quick to explain that the wave of data breaches was not its fault, and further investigation confirmed this. It turns out that the hacked customer accounts were all poorly secured. MFA was typically not enabled, making it a breeze for intruders to break in.
Canary in the coal mine
Cisco Talos, Cisco’s security division, has commented on the events in a blog post. It brings no new discoveries to the surface, but Cisco Talos wants companies to learn from the events. Otherwise, similar data breaches with stolen credentials will continue to occur.
The danger is still underestimated, says Cisco Talos. Cybercriminals who want to be more subtle will not bombard their victims with ransomware, but will try to steal an employee’s login credentials in a sophisticated way. They then simply log in using these credentials.
Stolen login data is therefore worth a lot of money in the cybercrime world, both directly and indirectly. Cisco Talos delved into the darkest depths of the Internet and discovered how criminals trade login data with each other. Thousands to tens of thousands of dollars are paid for it. With a successful cyberattack, the “buyer” can recoup that money in no time.
Enable MFA
Cisco Talos’ advice isn’t revolutionary, but it’s worth repeating over and over again: enable MFA. First and foremost, critical data needs to be protected with MFA everywhere. Organizations can also be strict with their vendors and require that multi-factor authentication be supported. To be clear, this was the case with Snowflake, even though the company hasn’t made it the standard.
So the only thing you can blame Snowflake for is allowing its customers to consistently ignore good security practices. Ultimately, the responsibility for securing cloud service accounts lies with the customer.