Cyber Threat Briefing: Why Prioritizing Password Management and Good Cyber Hygiene is Key to Reducing Risk
By SureCloud’s Senior Director of Cyber Solutions, Nick Hayes, and Senior Cybersecurity Consultant Hugh Raynor
Published on 27th March 2023
According to the National Cyber Security Centre (NCSC), there were 6.4 million reports of suspicious email activity in 2022, which resulted in 67,300 scam URLs being blocked.
The targets for these scams are becoming more high profile too. In the second half of 2022, cyber attacks against governments jumped by an incredible 95%. The sharp increase is a direct result of fraught geopolitical relations and the rise of new attack vectors such as nation-state hacking. Cyber criminals have turned to ‘hacktivism’ and are waging cyber warfare against government organizations for political gain.
You may be thinking, why is this relevant to my organization? Well, when you consider that 90% of cyber attacks are made possible by human error, these instances provide good lessons to heighten awareness among businesses and their employees about how to identify threats or scams. It only takes one response to a bogus email for an attacker to garner confidential login details and launch a wide-scale attack.
Here we examine three incidents that have hit the headlines recently, highlighting how password management and good cyber hygiene should be the central pillars of a security posture.
LastPass falls victim to yet another data breach
Popular password management tool LastPass recently confirmed that cybercriminals had managed to gain access to the personal data vaults of millions of its customers. Hackers obtained unencrypted subscriber account information such as usernames, company names, billing addresses, email addresses, phone numbers and IP addresses.
Perhaps the most concerning element of the breach was the fact that criminals were able to steal a copy of sensitive customer vault data. This included unencrypted website URLs and encrypted data such as usernames and passwords for all the websites customers had stored within their vaults.
The most worrying thing for LastPass customers was that even though their data may be encrypted, attackers will run brute-force attacks in an attempt to access their information. Experts believe it would take an infinite amount of time to crack these master passwords, if best practice has been followed. However, if your organization uses generic terms for LastPass master passwords, you could be at serious risk and should urgently update all individual login credentials.
What can your business learn from this latest LastPass attack?
There are two key points to consider in the wake of the LastPass attack. First, from an enterprise point of view, password managers need to be configured in line with your existing security protocols. This is particularly important given the number of organizations that use shared login details; those credentials are only as strong as the weakest password used by your employees.
Secondly, educating staff on the importance of password management is key, especially if each individual has their own personal vault protected by a master password. To support this, offering additional training around topics such as multi-factor authentication could be extremely beneficial to your organization.
Education on password management should be a priority for all organizations. Without strong credentials you’re completely exposed
Hackers steal Slack’s GitHub code
As one of the world’s most popular instant messaging platforms, Slack has an estimated 20 million users across the world. So, when it was announced early in 2023 that part of its GitHub code had been stolen, there was certainly cause for panic among the multitude of organizations that use it. However, Slack confirmed that no sensitive information had been stolen and it was working to reassure customers.
Unknown threat actors gained access to Slack’s GitHub repositories via stolen employee tokens. However, these repositories didn’t contain any sensitive customer information or primary code. As a result of the breach, Slack has taken the decision to rotate access to its repositories.
Three key takeaways from the Slack data breach:
- Audit and understand your public and private presence on SaaS applications. It’s vital to understand the sensitivity of the data contained on either platform and how well it’s protected.
- Understand the configuration and controls of any SaaS facility and ensure they are in line with your existing security protocols.
- For a repository to be effective, multiple staff need access to it. So, having a clear understanding of who has access to it and then maintaining good security hygiene should be priorities.
Ensuring all staff are aware of the importance of cyber hygiene will strengthen your overall security posture
President Biden reportedly had classified documents in his home
News broke recently that an investigation had been launched following reports of classified documents being found at the home of President Biden. The documents, which apparently relate to his tenure as Vice-President under Barack Obama, were seized following a search of his home in Delaware.
This latest discovery follows on from reports that classified documents were previously found in two other locations. The full details of the situation have not been revealed, but when you consider the sharp rise in cyber attacks against government organizations, it certainly highlights the dangers of taking sensitive documentation out of a secure environment.
What are the dangers of removing classified documents from the office?
Organizations invest a lot of time, money and resources into developing security strategies. Whether that’s spent on secure access control systems or locks for your office cabinets, the aim is always the same: to protect sensitive data. However, the moment any documents are taken out of the office environment they are no longer under the protection of that organization’s security protocols.
This is especially important given the ever-evolving geopolitical landscape. Ensuring networks are secure and users are aware of the dangers involved in having sensitive documents in their home or place of remote work is so important. Implementing data classification policies, laptop privacy filters for those working remotely, and private cloud-based storage solutions could significantly reduce the risk of data being lost or stolen.
Automate data classification to ensure seamless processes are in place to protect your organization’s most sensitive documentation
As the threat landscape continues to evolve, so should your approach to cybersecurity. It may sound simple to educate staff about the importance of password management and good cyber hygiene, but this could be the difference when it comes to preventing a major security breach. By prioritizing the basics you’ll avoid adding your organization’s name to an ever-growing list of those who have fallen victim to cyber scams.
SureCloud’s Cyber Risk Management Capability can help your organization continuously protect digital assets, building a clear view of vulnerabilities and the business-critical applications they impact, while looking at the steps needed to mitigate any damage. We offer a combination of IT risk management software to secure your cybersecurity, expert cyber services and vulnerability assessments.
To hear more from Nick and Hugh on the risks your business might be exposed to, listen to this Cyber Threat Briefing episode, available on our Capability-Centric GRC & Cyber Security Podcast.