Case study of a real-life example of a cloud-native data breach, how it evolved and how it possibly could have been avoided.
The company is a photo-sharing social media application, with over 20 million users. It stores over 1PB of user data within Amazon Web Services (AWS), and in 2018, it was the victim of a massive data breach that exposed nearly 20 million user records. This is how it happened.
Step 1: Compromising a legitimate user. Frequently, the first step in a data breach is that an attacker compromises the credentials of a legitimate user. In this incident, an attacker used a spear-phishing attack to obtain an administrative user’s credentials to the company’s environment.
Step 2: Fortifying access. After compromising a legitimate user, a hacker frequently takes steps to fortify access to the environment, independent of the compromised user. In this case, the attacker connected to the company’s cloud environment through an IP address registered in a foreign country and created API access keys with full administrative access.
Step 3: Reconnaissance. Once inside, an attacker then needs to map out what permissions are granted and what actions this role allows.
This story is from the {{IssueName}} edition of {{MagazineName}}.
Start your 7-day Magzter GOLD free trial to access thousands of curated premium stories, and 9,000+ magazines and newspapers.
Already a subscriber ? Sign In
This story is from the {{IssueName}} edition of {{MagazineName}}.
Start your 7-day Magzter GOLD free trial to access thousands of curated premium stories, and 9,000+ magazines and newspapers.
Already a subscriber? Sign In
Larger Datacenters And Better Services
With Managed Services and Public Cloud signaling a paradigm shift in the Datacenter market, Netmagic is building on the company’s strengths, and the NTT connection to spearhead the evolution with a Multi Hybrid Cloud strategy and Public Cloud partnerships to maintain its leadership position in Indian Enterprise segment.
Bringing Elements Of AI To Enterprise Infrastructure
VIKRAM K SENIOR DIRECTOR, DATA CENTER AND HYBRID CLOUD, HPE INDIA“In current environments, IT departments face a mounting pressure to resolve the most complex and unique challenges plaguing the datacenter which account for 80% of the pain IT is facing today.”
Enabling It With Strategic Business Goals
PRIYABRATA SARANGI CIO, EXIDE INDUSTRIES“As a professional, I have always respected business requirements and priorities which demand delving deep into business processes to create better solutions. Technology partners have played a key role through my journey by helping me innovate. In fact, CtrlS has helped me align IT with my company’s strategic business goals.
Just The Time To Move Away From 'Mobility'
VIKAS GUPTA Head IT, Essar India“While current mobility patterns are based on menu-driven, GUI-based tools; Ubiquitous Computing holds the promise of understanding natural human interactions such as presence, movement, or speech.”
Evolving Face Of Insider Threat
LALIT CHACKO GM – IT INFRASTRUCTURE & SECURITY OPERATIONS, IBM INDIA“It’s time the CIOs, CTOs, CISOs take cognizance of the lurking insider threat from a growing workforce which is, complacent, inept, ignorant, averse to change, working in silos and apathetic to the management”
CDOs Vital To Digital Reinvention Of Enterprises: Accenture Report
IT World Roundup
Tech Talk At NYSE: Devops, Design Thinking And Industry 4.0
The New York Stock Exchange recently welcomed some top Global manufacturing and financial CIOs in order to have a through provoking discussion on emerging technologies and comparison of processes across industries. The tech talk threw some great insights for the manufacturing industry on how to move forward with Industry4.0.
India Is Amongst The Fastest Growing And Evolving Cloud Markets In The World
Indian cloud market is growing on a fast track and each vendor has a contribution to this growth. Ravindra Kelkar, Area Vice President, Sales & Services, India Sub-continent, Citrix is speaking about Citrix’s strategy.
Iot Security: Challenges And Solutions!
Going forward IOT security is important as there will be billions of devices connected. The connected devices concept is fantastic but is equally damaging as a malicious bot can crawl up to your core functions and access your core database.
Witnessing The Cloud Revolution
“India’s Booming Cloud Market is set to Be Worth $4.1 Billion By 2020,” Forbes’ validation has strengthened the morale of the Enterprise India. It is no longer just about the potential benefits of Cloud that is the driving force behind the conversion. Rather it is the testimonials of the CIOs who have been navigating the Cloud Market to enhance their business functionality, cost-effectiveness and overall management.