Tanium comments on Coca-Cola hack
As the news of the major news of a hack at Coca-Cola by a Russian linked hacker group this morning, the comment from Zac Warren, Senior Director of Cybersecurity Advisory EMEA at Tanium:
“Russian linked hacker group, Stormous, has allegedly said that it has hacked Coca-Cola and stolen financial data, passwords, and other account details. It appears that the stolen data has gone on sale via Telegram for more than $640,000 or more than $16m in Bitcoin.
Although Coca-Cola has said it is looking into the hack, I hope that it has complete visibility of its IT environment and data so that it knows exactly what has been stolen and from where.
There are three major learnings that organisations can take to protect themselves against future attacks like these. These are multi-factor authentication, patching and understanding exactly where the critical and sensitive data is stored…
By having a multi-factor authentication place, when hackers first infiltrated the systems, businesses would receive an alert about the suspicious activity and be able to identify exactly where on the system the threat actors were. This could have given them the ability to remove the attacker from the network before any data is stolen.
Businesses should also ensure that all of their data is patched and on the latest version of each system to prevent vulnerabilities from opening up. These vulnerabilities in the software can create an easy entry point for hackers, allowing them to move around the network freely. By having a comprehensive patching program in place, it will often prevent such access and ensure that there are limited vulnerabilities on the network.
Finally, by having clear visibility of exactly what critical and sensitive data the organisations holds and where it is held, an organisation will know what has been stolen and what technique was used to do it. This visibility will also help businesses protect themselves against attacks by monitoring where the sensitive data is continuously in real-time. Until people start focusing on this capability, we’re going to continue seeing these types of breaches.”