Tips to Prevent Cyber-Security Breaches
It’s just the start of a new year and already three companies have been reported to have suffered Security breaches – restaurant chain Chick-Fil-A, bit-coin exchange Bitstamp, and investment firm Morgan Stanley.
Aside from the widely publicized Sony Hack reported late last year 2014, new headlines have been added to the list of cybersecurity victims. We’ve asked IT Security Researcher, Davide Girardi aka “GiRa”, for his thoughts as well as share some guidelines to prevent these attacks.
New Year Reported Security Breaches
Chick-fil-A Restaurant Chain
Chick-fil-A is a restaurant chain that has 1850 restaurants across the United States. It’s been stated that around 9,000 customers are potentially affected. Customers who used credit cards from December 2, 2013, to September 30, 2014 may have their information compromised.
An announcement on the fastfood chain’s website mentions that they are currently working on the said breach and are advising clients to report any suspicious transactions in their credit cards to their banks.
We want to assure our customers we are working hard to investigate these events and will share additional facts as we are able to do so. If our customers are impacted, we will arrange for free identity protection services, including credit monitoring. – Chick-fil-A
“This is another example of many retail company hacks reported last year.” GiRa says. “People who attack a system may utilize a variety of different techniques like exploiting zero-day vulnerabilities or social engineering just to name a few. Combining these attacks in a chain will help them to get access to a system after another.”
Bitstamp Bitcoin Exchange Company
On January 6, Bitstamp bitcoin Exchange Company has temporarily suspended their website and services due to an operational breach of their wallet system amounting to about $5 million worth of bitcoins.
Bitstamp is currently displaying a notice on their webpage and is posting progress updates constantly. They are still investigating the issue but have advised their clients to strictly avoid making any deposits/transactions.
As an additional security measure, we suspended our systems while we fully investigate the incident and actively engage with law enforcement officials. – Bitstamp
“There is no technical information disclosed by Bitstamp as they are still investigating it, so we cannot pinpoint where the attackers were able to infiltrate the system.” GiRa says. “However, periodic pentesting ensures that no stone is left unturned, finding every possible flaw and security risk before the bad guys do.”
Morgan Stanley Fires Insider Threat
US Financial institution Morgan Stanley found records of its clients posted online. About 350,000 customer information were compromised and the breach was reported to authorities after they found over 900 client details published on the internet.
Morgan Stanley released a statement confirming the incident and explained it was caused by one of their employees who accessed their records. The employee has been terminated and the bank mentioned that the result of the breach did not find any losses to its customers.
While there is no evidence of any economic loss to any client, it has been determined that certain account information of approximately 900 clients, including account names and numbers, was briefly posted on the Internet. Morgan Stanley detected this exposure and the information was promptly removed. – Morgan Stanley
Although the suspect is an employee of Morgan Stanley, he had no relation to the records he obtained. It’s critical that unauthorized access should not only be limited to outsiders. “Through network segmentation, you can limit access to credit card details or other sensitive data to the systems who need to process them.” GiRa says. “Making the system traceable is also important to narrow and detect the culprit. As what Morgan Stanley faced, even insiders are also a threat.”
Tips to Combat Cyber-Security Attacks
To summarize, here are some guidelines to prevent security breaches shared by GiRa.
- Security Awareness – Security awareness is the key aspect of a good security posture. When someone works with security in mind, they will understand if an action (like opening an email attachment) is dangerous and why.
- Network Segmentation – Splitting the network into smaller networks, thus creating layers, boosts performance and improves security. You can limit the access to those data to just the systems who need to process them.
- Secure Development – A software system is ready for production when it meets the project requirements and an attacker cannot misuse it. Secure software development ensures that every part of the product is safe for its users and the systems running it.
- Penetration Testing – Hire a professional pentester to regularly attack a system in order to secure it especially when there are new updates deployed in a system.
- Best Practices – Simple best practices in password management such as using password managers, mobile devices management, use of the network and so on will greatly reduce the attack surface both on the IT side and the human side of an information system.
Given that there are plenty of IT security news during the start of the year, can cyber attacks be prevented at all?
These are just some of the headlines during the start of the year. Be prepared for more. “Cyber-attacks are not a question of if, but a matter of when.” GiRa shares. “Being prepared and having the skills to prevent and detect them is the key to protect your business. So always make it a point to set a culture of security awareness across all employees, limit access to the network, develop secure software before deployment, conduct regular penetration testing, and adapt best practices on both the computer and human side in an information system”
Want to become a Professional Penetration Tester?
Davide “Gira” Girardi is a security researcher and instructor. He has 8+ years of experience in system hardening and security consultancy on Linux, Windows, OSX and mixed environments.