There’s “evolving intelligence” that the Kremlin is actively exploring its cyberattack options, President Biden said in a statement Tuesday morning.
The president reiterated his warning that Russia could conduct malicious cyber activity against the United States, including as a response to the unprecedented economic costs the United States has imposed on Russia alongside its allies and partners. It's part of Russia's playbook.
Most of America's critical infrastructure is owned and operated by the private sector, and critical infrastructure owners and operators must accelerate efforts to lock their digital doors. The statement urges private sector partners to harden cyber defenses immediately by implementing the best practices developed together over the last year.
Timing is Everything
Okta provides identity services such as single sign-on and multifactor authentication, used to help users securely access online applications and websites.
It competes with Microsoft, which was also attacked by Lapsus$, following the Nvidia and Samsung attacks a few weeks ago.
Chief Security Officer David Bradbury said in a blog post that a customer support engineer working for a third-party contractor had his computer accessed by the hackers for a five-day period in mid-January and that “the potential impact to Okta customers is limited to the access that support engineers have.”
“There are no corrective actions that need to be taken by our customers,” he said.
Nevertheless, Bradbury acknowledged that support engineers were able to help reset passwords and that some customers “may have been impacted.” He said the company was in the process of identifying and contacting them.
While publicly traded vendors typically downplay the severity of these types of attacks, speculation on the real severity varies significantly.
Here are steps you can take to gauge infiltration into your network, persistence during the attack, and exfiltration.
WootCloud Helps Detect Attacks In Moment of Intrusion, During Intrusion, and Attack
It is critical to monitor, alert, and defend against breaches into your network, persistence of intruders traveling through your network, and exfiltration attempts as intruders steal your data and IP.
Once an attacker gains access, they must perform a number of steps to achieve their goal, which is typically to access and steal, manipulate or destroy data. Rarely will an attacker "land" on the device that holds the desired data, or on one that is the sole resource needed to carry out their objective. So the attacker must perform many different actions, including probing the network, stealing or cracking credentials, accessing sensitive servers or applications, and locating and exfiltrating data.
These activities create inherent opportunities to detect attackers:
- Attacks create anomalous network and device activity.
- A behavioral baseline specific to the network (and not static) can help isolate unusual activity.
- A behavioral anomaly indicative of attack can help security analysts quickly pinpoint and root out attackers.
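The difference between a static limit and a per-device behavioral baseline, as an added example (not WootCloud's code). The exponentially weighted baseline, the z-score cutoff, the static limit, the device names and the telemetry are all assumptions constructed for illustration.

```python
from collections import defaultdict
from math import sqrt

STATIC_LIMIT = 100_000_000  # assumed one-size-fits-all limit, bytes per interval


class DeviceBaseline:
    """Exponentially weighted mean/variance of one device's outbound bytes."""

    def __init__(self, alpha=0.2, warmup=5):
        self.alpha, self.warmup = alpha, warmup
        self.mean, self.var, self.n = 0.0, 0.0, 0

    def score(self, x, z_limit):
        """Return the z-score of x against the baseline, then learn from x."""
        z = 0.0
        if self.n >= self.warmup:
            # Floor the spread so a very steady device does not alert on jitter.
            std = max(sqrt(self.var), 0.05 * self.mean, 1.0)
            z = (x - self.mean) / std
        if self.n == 0:
            self.mean = float(x)
        elif abs(z) < z_limit:  # outliers are reported, not absorbed
            d = x - self.mean
            self.mean += self.alpha * d
            self.var = (1 - self.alpha) * (self.var + self.alpha * d * d)
        self.n += 1
        return z


def detect(samples, z_limit=4.0):
    """Return (adaptive_alerts, static_alerts) as lists of (interval, device)."""
    baselines = defaultdict(DeviceBaseline)
    adaptive, static = [], []
    for t, dev, nbytes in samples:
        if baselines[dev].score(nbytes, z_limit) > z_limit:
            adaptive.append((t, dev))
        if nbytes > STATIC_LIMIT:
            static.append((t, dev))
    return adaptive, static


# Constructed telemetry: outbound bytes per interval for two devices.
CAMERA = [2000, 2100, 1900, 2050, 1950, 2000, 2020, 40_000_000, 2000]
SERVER = [480e6, 510e6, 495e6, 505e6, 500e6, 490e6, 515e6, 500e6, 498e6]
SAMPLES = [(t, dev, series[t]) for t in range(9)
           for dev, series in (("camera", CAMERA), ("server", SERVER))]

if __name__ == "__main__":
    print(detect(SAMPLES))
```

On this data the static limit alerts on every interval of the busy server and never on the camera, while the per-device baseline raises a single alert for the camera's 40 MB burst.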
Our mission, like yours, is to provide your employees, students, faculty and more with a safe, user-friendly and secure environment by:
- Giving full visibility – with RF and network sensors seeing 100% of your devices and infrastructure, encompassing all stages of attack: infiltration, persistence, and exfiltration
- Reducing Mean Time to Resolution (MTTR) – with AI/ML-powered, automated remediation that drives >70% reduction in threat hunting times
- Boosting user experience – by reducing support ticket volumes and lowering alert noise for a >60% gain in operational efficiency (~1.4 FTE service savings per site, per shift)
Each of these benefits on its own can offer 5-6 figure USD savings per year, shortening the payback period on your investment.
The perfect cybersecurity storm has arrived. Consider intelligent device and infrastructure security today.
To learn more in a zero-touch, no-obligation demo or POC, please contact us.