The Uber hack has been a big news story this weekend as the company suffered a systems breach that extended even to internal tools such as Slack. The hacker used the company’s Slack account to show employees adult images, and employees quickly stopped using the channel.
Uber was contacted about the hack, and a spokesperson offered this: “We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.” Now, cybersecurity experts weigh in on the Uber hack and offer some insight.
Cybersecurity Experts On The Uber Hack
Szilveszter Szebeni – CISO at Tresorit
“With a sophisticated website, even accounts with SMS or app-based 2FA protections can be hijacked and, in turn, cause enormous losses to an organization. Losses may even be the complete loss of all IT infrastructure from one day to the next. The extent of Uber’s losses remains to be seen; a lot of IT systems may need to be reconfigured from scratch. Protection of credentials is the top priority, especially for admin accounts; migrating to FIDO2 authentication will greatly reduce risk.”
Abhay Bhargav – Founder and CEO at AppSecEngineer
“The Uber breach highlights both the power and downsides of centralization. An employee account was compromised by being overwhelmed by Push Auth Notifications of Multi-Factor Authentication. This led to a PowerShell script getting discovered, with admin credentials to their Thycotic PAM (Privileged Access Management) tool. With all credentials being part of this PAM solution, now the entire org was compromised because the PAM had access to AWS, Google Workspace, Slack, and more. Often, even with best-in-class budgets or security tools, it comes down to compromising an employee with high privileges.”
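The push-notification flooding described in the quote above leaves a trace in MFA logs: a burst of prompts for one user, often ending in an approval. The following Python is an added example, not code from the article or from any of the quoted companies; the log format, the window and threshold values are assumptions, and the log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample MFA push log (not real data): "ISO-timestamp user result".
# "bob" receives five prompts in under three minutes and finally approves one.
SAMPLE_LOG = """\
2022-09-15T22:01:03Z alice approved
2022-09-15T22:40:10Z bob denied
2022-09-15T22:40:55Z bob denied
2022-09-15T22:41:30Z bob denied
2022-09-15T22:42:02Z bob denied
2022-09-15T22:42:40Z bob denied
2022-09-15T22:58:21Z bob approved
2022-09-15T23:10:00Z carol approved
"""


def parse_log(text):
    """Parse 'ISO-timestamp user result' lines into (datetime, user, result) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, result = line.split()
        events.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), user, result))
    return events


def push_fatigue_alerts(events, window=timedelta(minutes=10), threshold=4,
                        follow_up=timedelta(minutes=60)):
    """Flag users who get >= threshold push prompts inside `window` (push_burst),
    and any approval within `follow_up` of that burst (approval_after_burst).
    Returns a list of (user, alert_type, ISO timestamp) tuples in time order."""
    by_user = defaultdict(list)
    for ts, user, result in sorted(events):
        by_user[user].append((ts, result))
    alerts = []
    for user, items in by_user.items():
        start, burst_at = 0, None          # sliding-window start, time burst was detected
        for i, (ts, result) in enumerate(items):
            while ts - items[start][0] > window:   # drop prompts older than the window
                start += 1
            if burst_at is None and i - start + 1 >= threshold:
                burst_at = ts
                alerts.append((user, "push_burst", ts.isoformat()))
            if burst_at is not None and result == "approved" and ts - burst_at <= follow_up:
                alerts.append((user, "approval_after_burst", ts.isoformat()))
                break                       # one follow-up alert per burst is enough
    return alerts
```

The approval_after_burst alert is the one worth paging on, since a burst of denials alone may just be a user ignoring a misconfigured app.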
Dr. Carmit Yadin – Founder and CEO at DeviceTotal
“Having situations like this in our cybersecurity world makes us even more careful about protecting our data and devices that hold them. First, in order to protect them, we need to identify and assess the risk of the organization, where they are vulnerable, and how we can mitigate and reduce the risk.
Most CISOs today have many blind spots in their network, and they forget that they are only as secure as their weakest link: many digital assets today are not being monitored or assessed against their risk.
Our most naive devices can be the biggest open door to our network, and what if CISOs are blind to them, as in the case of unpatchable devices? CISOs’ work plan should include acting proactively and, in an automated way, eliminating cyber-attacks.”
Matt Polack – CEO and Founder at Picnic Corporation
“The Uber hack is a prime example of how, with limited exposed personal data and social engineering, a hacker can trick, manipulate, or coerce a human and compromise a company’s systems. If companies want to stop social engineering attacks, they need to go beyond focusing on awareness training and instead increase employee-based protections against social engineering that begin with minimizing the relevant public data hackers use to target them. Attackers are opportunists who care about their ROI: by limiting personal information, it becomes more difficult and therefore more expensive for threat actors to succeed in social engineering attacks. Companies that recognize this fact pattern and take action to protect their employees will be more likely to avoid expensive and damaging breaches like this.”