Companies need a strong, layered defense to thwart such attacks every time.
Cybersecurity experts are concerned the recent Twitter cyberattack is just the beginning of a surge in similar attacks.
In last week’s attack, malicious hackers went after dozens of high-profile accounts to promote cryptocurrency scams. According to Twitter, it was a coordinated social engineering attack. And it was by people who successfully accessed internal systems and tools by targeting Twitter employees.
The FBI has launched an investigation.
The Twitter cyberattack appears to be the largest and most coordinated in Twitter’s history, according to NPR. It raises questions about the vulnerability of the platform.
To find out more about the danger of attacks similar to the Twitter cyberattack, we spoke with Robert Capps, NuData Security’s vice president of market innovation, cyber and intelligence solutions, and Jimmy Jones, cybersecurity expert at Positive Technologies.
Channel Futures: What was most significant and alarming about the Twitter cyberattack?
Robert Capps: Concerns go beyond the attacks Twitter experienced recently. The use of internal administrative tools to launch attacks, instead of attacking individual account holders, has broad value to cyber criminals, because they are so powerful. Once access has been obtained, it’s generally very little extra work to launch broad attacks against compromised systems versus a one-by-one attack against individual accounts. Without proper protections, this may become a new favorite attack vector for cyber criminals.
Jimmy Jones: The global visibility of Twitter made this incident unique. Companies are hacked every day, but the results are normally only felt within that organization, whereas this incident had wide-reaching effects. Publicly disclosed events are very few and far between because no organization will advertise they have been breached if they don’t have to.
CF: Why would the Twitter cyberattack be the start of a surge in similar attacks? What would be the characteristics of such attacks?
RC: Access to administrative interfaces and tools have been a concern of many security industry practitioners for years, as has been social engineering against staff who have access to such tools. Adversaries need to be right just once to gain access — tricking one employee to give up their credentials to allow access to sensitive tools that in a number of cases may allow access to customer accounts that have strong authentication technologies deployed, such as one-time passwords or biometric authenticators.
Companies need a strong, layered defense to thwart such attacks every time. Attacks generally start as phishing emails or malware infections that allow for the theft of valid user credentials or access to the high-value administrative tools. When bad actors use these credentials to access a system, if the verification tool doesn’t also evaluate the user’s behavior and only looks at the credentials or other basic information such as IP and connection, they will be able to access the account as if they were the legitimate user. Once they gain legitimate access, it can be sold, or it can be used directly in the form of an attack. There is also the risk of …
Click here to go to the original author and source to this story.
Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .