The Lapsus$ okta breach has been discovered. Learn how to stay secure.
In the past week, we have learned of the Lapsus$ okta breach but new information keeps coming out daily.
There have been reports that Lapsus staff had an unencrypted, unprotected spreadsheet full of domain admin passwords lying around on the network. This is a big no-no for any business.
Background for readers first time learning about the Okta hack:
Okta an IAM and authentication solution provider was breached through 3rd party support service company serving okta. This hack potentially compromised 366 corporate customers relying on okta to secure their business applications and azure tenants, a cloud service platform by Microsoft.
There are two major security factors in this breach.
1. There are still legacy credentials methods used to secure cloud infrastructure and business applications.
Our Cyber Risk Mitigation expert Dhaval Shah has said:
“The issue with the legacy credentials here is very serious. It appears that hackers were able to use remote access services and other tools combined with stolen credentials to easily gain access to okta and other systems. First step to remediation is to enforce password change across the enterprise. Next is to evaluate your access audit history and take corrective actions including talking to cloud risk mitigation team that can help you set up next generation defense.”
Now is the time to take advantage and upgrade to multi-layer, next generation rainbow secure single sign on and login security solutions to secure your azure cloud tenants, databases, emails and other business applications.
In this scenario, it would have been virtually impossible for hackers to make use of any text credentials they found if interactive rainbow secure platform was guarding the cloud and business applications. Colors and styles give incredible power 20x strength to your security and keep you safe from modern cyber threats.
2. Export of domain passwords and storing it unencrypted in file system.
This issue can be resolved by locking down the user workstations, providing periodic cyber hygiene training refreshers and doing periodic surprise security threat assessments. Moreover, providing login options that make it secure but not give additional burden or stress goes a long way in user participation in the security workflows.
Another highlight of the hack has been the delayed disclosure of the hack and has been accepted by the okta team.
Today everyone is online and everyone is one day hackable but there is a need to shed the inherent guilt mindset. It’s now becoming legally binding to disclose your cyber breaches within reasonable timeframe so that other businesses and individuals can take preventive actions, launch investigations of their own. Read more here – Security Breach Notification Laws (ncsl.org) There should be no stigma in reporting the breach. Lets work together to make this world secure and give right access to the right people.
For organizations looking to improve their security, user experience, compliance and avoid security pitfalls mentioned in this article reach out to hello@rainbowsecure.com and subject: Multi-layer defense for my business.
About Rainbow Secure
Rainbow Secure offers completely auditable, transparent IAM and SSO platform on the cloud that secures your apps and business services running on cloud and on premise without device or operating system dependency.
Limited time offer: Special discounts for businesses who want to switchover to rainbow secure for their user identity management, single sign on and multi-layer login security needs.
#CyberAttack #BruteforcePrevention #PhishingMitigation #StayCyberSafe #CyberNews #RainbowSecure #InfrastructureSecurity #HackingNews #Cybersecurity #CISA #FBI #Infragard #IdentityManagement #SingleSignon #riskmitigation
