White Hat Hacking with TDL | Veeam Suffers Data Breach



Veeam Exposes Customer Records

Veeam announced recently that it had suffered a breach of 445 million customer records from an AWS-hosted Cloud storage service that was misconfigured. Predictably, a competitor stepped in to comment on this. Refreshingly, it wasn’t taken as an opportunity to kick a competitor whilst they were down.

“The Veeam incident is unfortunate for a self-described intelligent data management company, but the reality is it could happen to any organisation,” said Chris Gondek, principal architect at Commvault. “Rather than spread fear, uncertainty and doubt about a lack of capability, this incident should serve as a reminder to all organisations that data is an asset and a catalyst to many initiatives - and it must be protected.”

According to Gondek, all organisations must be prepared for data loss scenarios for “when, not if, it happens”. “At the end of the day, your organisation is responsible for your data and information, irrespective of where you place it.”

This is sage advice: preparing for such an incident is something all businesses, both large and small, need to consider. A transition to the Cloud is not a “get-out-of-jail-free card” for effective security planning.

Azure Red Team

As more organisations look at ways to protect their Cloud-hosted content, it's interesting to understand the methods a ‘red team’ uses to seek access to Azure-hosted data during its exercises. For those interested, this article provides some great insights into the services within Azure that are likely to be targeted to gain normal and elevated access. This is worth considering when developing your security posture for an Azure deployment.

Email Compromise

In our experience discussing issues with businesses of varying sizes, there is one constant at present that is causing concern: email compromise. Businesses from two-man operations all the way to large multinationals are targets of phishing campaigns in which managers are impersonated via email to redirect payments, purchase iTunes vouchers and so on. We’ve written about this recently and identified that staff education is more important than technical controls in these situations.

What is heartening to know is that the authorities aren't taking these situations lightly: in mid-September, a group from western Sydney was arrested for undertaking criminal activity of this nature. A reaction is that they belong in jail and, ironically, they were already there. A group of five people was arrested, including the ringleader, for conducting the scam operation from inside Villawood Detention Centre.

Contact us today to find out how Thomas Duryea Logicalis can support you with your organisation's security concerns and posture.
