The biggest cloud breaches in 2014 and what to learn from them
Even if you didn’t follow the cyber security news last year, it was hard to miss the headlines of breaches across multiple industries.
The challenge companies and organizations are always facing is that attackers are constantly attempting to breach their systems, and they only have to be successful once to compromise sensitive data. Meanwhile, IT security teams have to be successful every single day to prevent a damaging breach.
The groups attacking companies are increasingly sophisticated and well-funded, and include nation-backed groups, criminal organizations, and terror groups. And perhaps the most dangerous are groups motivated by profiting from stolen data. Here is a quick look at 2 of the biggest cloud breaches in 2014:
- Heartbleed
According to Heartbleed.com, security experts discovered that the Heartbleed bug was a significant weakness in one of the most widely utilized cryptographic software libraries today, OpenSSL. Heartbleed impacted OpenSSL, a critical piece of infrastructure used to secure 17.5% of all SSL-protected websites on the Internet including Yahoo!, Facebook, GitHub, Amazon Web Services, and Instagram. Even 24 hours after Heartbleed was publicized, 368 cloud providers were still vulnerable to the bug. Heartbleed was damaging not just because it was so widespread, but because it was also easy to exploit. And the exploit left little or no traces in the server logs of compromised systems.
This case teaches us one of the most important technology lessons a business can learn – you can’t plan for everything. No one can forecast just how systems will react, especially when there are so many points where they can fail. Heartbleed isn’t the last failure that companies will experience. However, it does show the value of responding quickly to mitigate the damage.
- Target
When the breach first occurred in the Target case, it received nationwide attention as it affected such a large number of people and their credit cards. The hackers were able to install malware on the in store point-of-sale terminal that was designed to steal credit card information as transactions were processed. The hackers were able to get access to the infrastructure because of credentials obtained from an HVAC service in what has become the largest and most costly breach in recent history:
- 40 million records of credit and debit card information were stolen
- 70 million records stolen that included the name, address, email address and phone number of Target shoppers
- 46% drop in profits at Target in their 4th quarter
- $200 million cost to credit unions and community banks for reissuing 21.8 million cards
- $53.7 million that hackers likely generated from the sale of 2 million cards stolen from Target and sold at the average price of $26.85
What did we learned
The common pattern around the recent data breaches is that hackers simply exploited vulnerabilities in traditional systems that the companies did not take steps to address. I suspect thousands of systems out there have the same kinds of vulnerabilities, so more breaches are coming.
Those who deploy cloud systems can learn a lesson from these breaches: security needs to be fundamental. Security can’t be an addition at the end of the build process. Instead, it must be continually updated during the life of the system. The effectiveness of security depends wholly on the planning and technology applied to the problem, for both cloud and traditional systems.
Photo Credit: https://www.flickr.com/photos/109482844@N07/12150175906/
