Claroty: VPN Vulnerabilities Endanger OT Networks
… that [the] IT skills shortage became a pressing issue. It has always existed, but when the circumstances changed, it could no longer be ignored. Most hiring processes are on freeze, so organizations cannot expect to fix the issue quickly by employing experienced staff. This resulted in the growing need for the education of IT employees.”
For the most part, those who needed the cloud have already migrated, Tripp said. And the pandemic was a great opportunity to finish these projects.
“It seems that new cloud migration projects are currently on hold for many organizations due to other priorities such as data and network security,” he said.
Tripp sees a great opportunity for channel partners and MSPs who can offer professional services and address burning cybersecurity needs right now.
“Partners that will be positioning themselves as a team member that one can rely on will have more chances to fulfill their customers’ needs,” he said. “I advise them to offer data and network security packages that help organizations improve data access controls and visibility into configuration changes of network devices.”
The knowledge that partners have received from vendors will allow them to provide a decent level of expertise, Tripp said.
“Service providers should leverage their existing partnerships and create new ones to widen their cybersecurity offerings,” he said. “All organizations are challenged by the evolving threat landscape that requires protective measures to be taken right now. Unfortunately, no one has the luxury of time.”
Cheers to You, Hacker
It was revealed this week that alcohol delivery service Drizly is the latest victim of a data breach. Data and password hashes of 2.5 million users are now for sale on the dark web.
The hacker got customer email addresses, dates of birth (DOBs), hashed passwords and some delivery addresses. But there was good news. Drizly said the bad actor got no financial information, including credit or debit card information.
Drizly also said the investigation is ongoing, and “we have engaged a cyber security firm to help us identify all affected parties.”
Similar breaches have hit food delivery services recently, including Instacart and DoorDash.
Peter Klimek is director of technology at Imperva.
“Drizly’s breach notification contains very little concrete information about the attack vector itself,” he said. “But the combination of email addresses, physical and IP addresses, phone number and hashed passwords indicates that this was a full database compromise. While organizations often prioritize edge security controls, such as a web application firewall (WAF) and distributed denial of service (DDoS) mitigation to protect their websites and applications, they often overlook the security of their database servers, which leaves them susceptible to attack from malicious or compromised insiders. Without additional information, we can only speculate on the root cause. But a proper defense-in-depth strategy needs to ensure that all potential threat vectors are addressed to prevent these types of data breaches from occurring.”
Organizations that store and process sensitive data need a comprehensive information security strategy that prioritizes data protection, Klimek said.
“While there are many industry-specific regulations to choose from, newer organizations are typically best served by …