Native Data Breach: Anatomy Of A Cloud
Enterprise IT World|June 2019

Case study of a real-life example of a cloud-native data breach, how it evolved and how it possibly could have been avoided.

Sanjay
Native Data Breach: Anatomy Of A Cloud

The company is a photo-sharing social media application, with over 20 million users. It stores over 1PB of user data within Amazon Web Services (AWS), and in 2018, it was the victim of a massive data breach that exposed nearly 20 million user records. This is how it happened.

Step 1: Compromising a legitimate user. Frequently, the first step in a data breach is that an attacker compromises the credentials of a legitimate user. In this incident, an attacker used a spear-phishing attack to obtain an administrative user’s credentials to the company’s environment.

Step 2: Fortifying access. After compromising a legitimate user, a hacker frequently takes steps to fortify access to the environment, independent of the compromised user. In this case, the attacker connected to the company’s cloud environment through an IP address registered in a foreign country and created API access keys with full administrative access.

Step 3: Reconnaissance. Once inside, an attacker then needs to map out what permissions are granted and what actions this role allows.

This story is from the {{IssueName}} edition of {{MagazineName}}.

Start your 7-day Magzter GOLD free trial to access thousands of curated premium stories, and 9,000+ magazines and newspapers.

This story is from the {{IssueName}} edition of {{MagazineName}}.

Start your 7-day Magzter GOLD free trial to access thousands of curated premium stories, and 9,000+ magazines and newspapers.

MORE STORIES FROM ENTERPRISE IT WORLDView all
Larger Datacenters And Better Services
Enterprise IT World

Larger Datacenters And Better Services

With Managed Services and Public Cloud signaling a paradigm shift in the Datacenter market, Netmagic is building on the company’s strengths, and the NTT connection to spearhead the evolution with a Multi Hybrid Cloud strategy and Public Cloud partnerships to maintain its leadership position in Indian Enterprise segment.

time-read
5 mins  |
January 2018
Bringing Elements Of AI To Enterprise Infrastructure
Enterprise IT World

Bringing Elements Of AI To Enterprise Infrastructure

VIKRAM K SENIOR DIRECTOR, DATA CENTER AND HYBRID CLOUD, HPE INDIA“In current environments, IT departments face a mounting pressure to resolve the most complex and unique challenges plaguing the datacenter which account for 80% of the pain IT is facing today.”

time-read
3 mins  |
January 2018
Enabling It With Strategic Business Goals
Enterprise IT World

Enabling It With Strategic Business Goals

PRIYABRATA SARANGI CIO, EXIDE INDUSTRIES“As a professional, I have always respected business requirements and priorities which demand delving deep into business processes to create better solutions. Technology partners have played a key role through my journey by helping me innovate. In fact, CtrlS has helped me align IT with my company’s strategic business goals.

time-read
5 mins  |
January 2018
Just The Time To Move Away From 'Mobility'
Enterprise IT World

Just The Time To Move Away From 'Mobility'

VIKAS GUPTA Head IT, Essar India“While current mobility patterns are based on menu-driven, GUI-based tools; Ubiquitous Computing holds the promise of understanding natural human interactions such as presence, movement, or speech.”

time-read
4 mins  |
January 2018
Evolving Face Of Insider Threat
Enterprise IT World

Evolving Face Of Insider Threat

LALIT CHACKO GM – IT INFRASTRUCTURE & SECURITY OPERATIONS, IBM INDIA“It’s time the CIOs, CTOs, CISOs take cognizance of the lurking insider threat from a growing workforce which is, complacent, inept, ignorant, averse to change, working in silos and apathetic to the management”

time-read
4 mins  |
January 2018
CDOs Vital To Digital Reinvention Of Enterprises: Accenture Report
Enterprise IT World

CDOs Vital To Digital Reinvention Of Enterprises: Accenture Report

IT World Roundup

time-read
1 min  |
January 2018
Tech Talk At NYSE: Devops, Design Thinking And Industry 4.0
Enterprise IT World

Tech Talk At NYSE: Devops, Design Thinking And Industry 4.0

The New York Stock Exchange recently welcomed some top Global manufacturing and financial CIOs in order to have a through provoking discussion on emerging technologies and comparison of processes across industries. The tech talk threw some great insights for the manufacturing industry on how to move forward with Industry4.0.

time-read
2 mins  |
January 2018
India Is Amongst The Fastest Growing And Evolving Cloud Markets In The World
Enterprise IT World

India Is Amongst The Fastest Growing And Evolving Cloud Markets In The World

Indian cloud market is growing on a fast track and each vendor has a contribution to this growth. Ravindra Kelkar, Area Vice President, Sales & Services, India Sub-continent, Citrix is speaking about Citrix’s strategy.

time-read
4 mins  |
March 2019
Iot Security: Challenges And Solutions!
Enterprise IT World

Iot Security: Challenges And Solutions!

Going forward IOT security is important as there will be billions of devices connected. The connected devices concept is fantastic but is equally damaging as a malicious bot can crawl up to your core functions and access your core database.

time-read
3 mins  |
March 2019
Witnessing The Cloud Revolution
Enterprise IT World

Witnessing The Cloud Revolution

“India’s Booming Cloud Market is set to Be Worth $4.1 Billion By 2020,” Forbes’ validation has strengthened the morale of the Enterprise India. It is no longer just about the potential benefits of Cloud that is the driving force behind the conversion. Rather it is the testimonials of the CIOs who have been navigating the Cloud Market to enhance their business functionality, cost-effectiveness and overall management.

time-read
8 mins  |
March 2019