Making the Shoemaker Walk Barefoot—The Emerging Hacker’s Sport
Author: Amir Gil, MetaAccess Business Director, OPSWAT

Hackers are doing their best to hack brand-name cyber vendors and make them sweat. The latest victim is Avast, whose popular CCleaner tool has now been hacked for the second time.
Avast is part of an ever-growing group of cyber and IT vendors that are being targeted by hackers: private hackers, organized hackers and state-level groups.
Success in such attacks earns the hackers a lot of recognition from their colleagues and employers through their networks (Darknet, etc.). The attacks are not only recognition-motivated, however; they are also economically motivated. The bigger the vendor, the bigger the potential reward from the hack. Some of the companies hacked in recent years cover millions, and sometimes hundreds of millions, in many industries, exposing them to ransomware attacks and other money-based attacks.
Here are some additional examples from the last few years:
- 2013 – Bit9 Endpoint security hacked and a virus spread to all its customers.
- 2015 – Hacking Team and Nice hacked and their business correspondence leaked.
- Aug 2017 – FireEye analysts hacked, revealing other vendors, such as Hacking Tools.
- 2018 – Intel (with Meltdown and Spectre) has perhaps the broadest effect, because of the number of computers that became vulnerable.
So what do you do about it if you are a cyber vendor? Make sure you are not barefoot. In our language, that means: always assume someone is trying to attack you, implement strict security standards (like ISO 27001 and SOC 2) and comply with them, run drills (blue vs. red ones, pentests), provide cyber education to the teams, etc.
And what do the customers need to do? First of all, make sure you are always up to date with the latest breaches and assume that everyone may be vulnerable. Make sure your endpoints and BYOD devices:
- Are compliant with your security policy.
- Do not carry any known or new malware.
- Are fully updated with the latest patches that cover known vulnerabilities, such as Meltdown and Spectre.
- Apply zero trust: trust no file, no device and no application, even if it is antivirus software. Verify that it is a version that is not vulnerable. Verify that it was updated correctly and that the executable file is not loaded with an unwanted malware payload (as in the Bit9 case).
Want to see how it’s done with MetaAccess? You are welcome to start a free trial for 50 users at: https://www.opswat.com/get-started.
For more information, please contact one of our cybersecurity experts.
