Equif*xd

 In ITC's Threat of the Week

This week ITC had an AWS event in the City immediately before the customer summer social so details may be hazy for some!

We had excellent talks, the first from Danilo Poccia, AWS technology evangelist and serverless technology geek; Check out his fantastic github here. Danilo was followed by Dob Todorov from HeleCloud who was formerly an employee of AWS and is now Helecloud’s Chief Cloud Officer (did you even know they existed?). Dob discussed the numerous opportunities for building robust security in the cloud complete with alerting, reporting and automated remediation. ITC is working with Helecloud to develop next generation security innovation in the cloud, which we would be happy to talk about to any of you that couldn’t make it to the event.

Following on from Dob was yours truly, the portent of doom and Chief Cynical Officer. As part of the talk, major breaches of the past 2 months alone were discussed. As it so happens all of these were from misconfigured AWS S3 buckets, which are as you will all know, secure by default, so you have to be negligent to leave them wide open to the public or a subset of the public (such as all other AWS users). The league table of breaches looked like this:

  • Time Warner, 4 million customer details. This week
  • TigerSwan, Details of thousands of security cleared mercenaries etc. Last week
  • Chicago election board, 1.8 million subscribers details. August 2017
  • Verizon, 14 million customer details. July 2017

“Wowser!”, one thinks. “That is a lot of breached data, you would have to go some to beat good old Verizon to the Championship”. Well that is what you might have thought if you were at the talk, kept up to date with breaches like a dog sniffing lampposts or worked in Information Security.

In an indescribable, terrible turn of events, Verizon’s breach now looks like a hiccup in a thunderstorm. None other than Equifax, yes yes the arbiters of credit ratings for just about everyone, announced today a breach of no fewer than the details of 143 MEELION people, mostly from North America, but some in the UK and Europe.

Now to be clear, this has nothing to do with Amazon S3 buckets. It appears that perpetrators went straight through the front door using a ‘website application vulnerability’. Hmm we will no doubt find out more about that in due course. Maybe Marissa Mayer (of Yahoo! fame) has recently started at Equifax in an advisory role?

You can look at the Equifax statement here.

Since this breach may affect nearly half of the American population, it is a really massive deal. Our thoughts go out to the victims and all of those trying to deal with this shocker.

If you are registered with Equifax, our advice remains boringly the same as usual: Change your password, make sure that you haven’t reused that password anywhere else (use a password manager for gawds sake) and use two factor authentication where you possibly can, in fact if they don’t support 2FA, we would advice against using them in the first place.

If you would like to discuss breaches, how to stop them, how to deal with them (no, no not how to start them), AWS innovation at ITC or any other Information Security related topic, please contact us at: [email protected] or call 020 7517 3900.

Author: Kevin Whelan

Recent Posts

Leave a Comment

Tel:
+44 (0) 20 7517 3900

 

Contact ITC Secure

If you have a question, request, comment or requirement, please send us an email now and we will get back to you by return

totwtotw