Why supply chain security blind spots put enterprises at risk [Q&A]


Many recent cyberattacks have focused on the software supply chain, with SolarWinds being perhaps the most high-profile example.


Businesses can often have a blind spot when it comes to the supply chain, and this can have catastrophic consequences. We spoke to Todd Carroll, CISO of CybelAngel, to learn more about the problem and what companies can do to keep themselves safe.


BN: What impact can open databases have on a business's security stance?

TC: The mass migration to the cloud in recent years has resulted in thousands of open databases -- those that do not require passwords to access. Unfortunately, hackers are often more aware of the vulnerabilities in these databases and repeatedly use them as a route into the wider network, which can leave huge gaps in a business's security.


Criminals work hard and fast, exploiting any opportunity made available to them. An experiment demonstrates the severity of this issue, when a researcher created an unsecure database to measure criminal activity. In a mere 11 days, the database was attacked 175 times.


Using techniques such as stolen credentials, hackers can extract information to then sell on the Dark Web or use to demand a ransom. Either way, the primary and secondary impacts on the business can be devastating. To put this into numbers, the cost of a breach involving 50 million compromised records skyrocketed to $392 million in 2020. Not only could organizations face huge financial and data loss, but their reputation also takes a hit.


These databases are often unintentionally created, usually because teams forget about them, or new ones are created without the wider team kn ..
