Uber drivers in the United States, who had to take ride bookings before knowing where they were going, will soon see details of wanted rides along with fares – Copyright AFP/File Logan Cyrus
Uber internal systems have been hacked and many of the company’s vulnerability reports were stolen. The attacker shared screenshots with full access to many of Uber’s critical IT systems, including the company’s Windows domain and security software.
The hacker also gained access to the company’s Amazon Web Services console, VMware ESXi virtual machines, the Google Workspace email admin panel, and the Slack server to which the hacker posted messages.
New York Times, who first reported the hack, said the attacker broke into Uber after conducting a social engineering attack on an employee and stealing their password. The attacker then gained access to the company’s internal systems using the stolen credentials.
Studying this question for digital magazine Keith Nilson, tech evangelist in CloudSphere.
Neilson begins by explaining why a firm like Uber is a prime target for criminal cybergroups: “Large enterprises entrusted with large amounts of sensitive customer data are required to establish strong barriers to control access. For modern organizations, basic password protection is not enough to ensure proper identity access control and security of all cyber assets.”
According to Neilson, the business community needs to consider the implications of this and take appropriate action: “Malware attacks of this magnitude show that companies need to go beyond password best practices—they need to prioritize next-generation secure access and authentication. . Developing new and improved alternatives to password management starts with implementing a robust cyber asset management strategy.”
However, a simple action can go awry if the action is inappropriate. This means special levels of security. Here Neilson states: “In the context of this incident, the most important thing to consider is that there is no way for companies to fix what they cannot see. Given the layered implications between data, assets, applications, and users, companies can only start enforcing identity and password management policies when they provide full visibility into their attack surface.”
As for how this translates into a measurable impact, Neilson suggests: “Hence, the first step to an effective cyber asset management strategy is to take inventory of all cyber assets hosted in a company’s IT space. Once all assets are accounted for, businesses can implement and implement better authentication methods and security measures. Without this integration, passwords will continue to be used as a fallback, leaving valuable data vulnerable to attack.”