DATA SECURITY
By Chris Pace, Head of Product Marketing, Wallix
Chris Pace examines the security lessons businesses should take on board following the TalkTalk hack.
Introduction
A seven per cent drop in share price, £200,000 cut from its forecast numbers for customer growth and a likely grilling from a Commons Select Committee for the company’s CEO. These were just some of the consequences that mobile phone operator and broadband provider TalkTalk faced following its highly publicised hack last year. Although its share price recovered quite quickly, the hit to its reputation will take much longer to restore and the hack will have served, once again, to highlight how damaging a visit from a cyber criminal can be to a company. Deloitte predicts that 73 per cent of consumers would reconsider using a company if it failed to keep their data safe.
The breach will also have made senior management everywhere fret even more about whether their own defences are good enough. And it’s not just senior management that’s fretting, which is why the UK Government has authorised an extra £1.9 billion to bolster our national defences.
Strengthening Internal Access
In the wake of the hack we heard all kinds of speculation about the motives of these attackers, the methods they might have used and their ultimate goals. There were experts who blamed international terrorists or Eastern European crime syndicates. Then the arrests came: police took two 16-year-olds, a 15-year-old and a 20-year-old in for questioning.

It’s now clear that these attackers’ likely route into TalkTalk systems was through a vulnerability in its website that was exploited by SQL injection. Nothing new there. In fact, there is very little in terms of technology that’s new about this breach. It’s the volume of the data and the nature of the company that has really been the cause of the alarm. One man claiming responsibility for the TalkTalk breach described the company’s security as “terrible, that’s being honest with you, horrible.” Contrast that with the words of Chief Executive Dido Harding, who claimed TalkTalk was “head and shoulders” better than its competitors when it comes to securing customer data.

As with the Sony Entertainment hack in 2014, it may have been the weaknesses in internal security that resulted in the hackers being able to access almost the entire network and peruse the network and associated databases at their leisure. Passwords and shared accounts stored on the network in plain text, or that could be easily brute forced with simple tools, gave hackers the weakness they needed. This is another hack that serves to highlight that securing data and systems on the inside of a network is just as important as heavyweight perimeter defences. After the initial breach, when there are few internal barriers, lateral movement, and therefore damage, is easy. Strengthening internal access provision isn’t just a cyber threat deterrent; it reduces the likelihood of misuse of systems by insiders, which actually accounts for the majority of data breaches.
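Added example, not from the article or from Wallix: a Python sketch of the two weaknesses the piece names, a user lookup built by string concatenation (the SQL injection pattern) beside a parameterised one, and passwords kept as salted PBKDF2 hashes rather than in plain text. The table layout, the sample user and the function names are constructed for illustration.

```python
import hashlib
import hmac
import os
import sqlite3

PBKDF2_ROUNDS = 200_000  # deliberately slow, so a dumped table resists brute force

def new_store():
    """Constructed in-memory user table; no password is ever kept in clear text."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, salt BLOB, pwhash BLOB)")
    return db

def derive(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)

def add_user(db, name, password):
    salt = os.urandom(16)  # per-user salt: two users sharing a password get different hashes
    db.execute("INSERT INTO users VALUES (?, ?, ?)", (name, salt, derive(password, salt)))

def lookup_vulnerable(db, name):
    # Weak pattern: caller text is pasted into the statement, so a quote in the
    # input is parsed as SQL instead of being compared as data.
    sql = "SELECT salt, pwhash FROM users WHERE name = '" + name + "'"
    return db.execute(sql).fetchone()

def login(db, name, password):
    # Hardened: a bound parameter keeps the name as data, and the check is a
    # constant-time comparison of derived hashes rather than of stored passwords.
    row = db.execute("SELECT salt, pwhash FROM users WHERE name = ?", (name,)).fetchone()
    if row is None:
        return False
    salt, stored = row
    return hmac.compare_digest(stored, derive(password, salt))

def demo():
    """Outcomes for a constructed user and for a legitimate name containing a quote."""
    db = new_store()
    add_user(db, "alice", "correct horse battery staple")
    out = {"good": login(db, "alice", "correct horse battery staple"),
           "bad": login(db, "alice", "wrong password"),
           "quoted_name": login(db, "o'brien", "anything")}
    try:
        lookup_vulnerable(db, "o'brien")
        out["vulnerable_raised"] = False
    except sqlite3.OperationalError:  # the apostrophe was parsed as SQL and broke the query
        out["vulnerable_raised"] = True
    return out
```

The same apostrophe that breaks the concatenated query is handled as ordinary data by the bound parameter, and a stolen copy of the table yields salted hashes rather than reusable passwords.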
www.networkseuropemagazine.com