Uber Breach - Osirium comment
September 2022 by Mark Warren, Product Specialist, Osirium
In light of the Uber breach news this morning, the comment below from Mark Warren, Product Specialist, Osirium.
"This breach shows once again that there is no silver bullet to security and education is a critical component to any solutions you have in place. The full details of the incident aren’t known yet, but there appears to be several issues at Uber that the attacker exploited. Ultimately starting with targeting an employee and then using internal communications tools to hunt around the network where they happened to find unprotected credentials to the PAM system - effectively providing the attackers the keys to unlock everything.
The lesson to learn is, as always, get the fundamentals in place: train users to avoid being manipulated by attackers, but back that up with MFA everywhere. This can prevent unauthorised software installs (although probably not involved in this case), ensure all privileged activity is monitored, recorded and logged, and use a secure automation rather than risky shell scripts."
Related articles: