Page 51 - index
P. 51
people will reuse the same credentials across multiple sites. I am probably pretty averages in
having twenty plus services that I regularly use, and two factors are common on most of them –
the username and password. My imagination and my intellect simply don’t permit me to
remember twenty unique passwords containing uppercase, lowercase, a numeric and a special
character. So breaching my Target account and gaining access to my credentials simply opens
up the door to probably every other service I subscribe to.
The problem is exasperated with the explosive growth of business cloud based services. Again
the dependence on usernames and passwords means that the business users will frequently
use the same password for their business applications as they use for their social media and
consumer services. The only modification is likely to be their username which goes from a
personal address to a business address, but the passwords stay the same.
Breach Pandemic
The sheer scale of cyber-attacks has become overwhelming. Millions of customers have seen
their information stolen in attacks on companies including Target, Home Depot and JPMorgan
Chase & Co. Banks and retailers are popular targets because of the access they have to
consumer financial information. A recent report PWC estimated that more than 117,000 cyber-
attacks hit businesses each day.
Breaches such as those just discovered at Target, the NSA, or wherever, all follow a set pattern.
Breaches are not a shot in the dark, but require careful planning and execution.
In the first instance, the attacker has to identify the target, essentially looking for the weakness
in the defense. Multiple tools are available on the Internet that allows anyone to scan for
systems or components that have vulnerabilities. Once the point of entry is identified, the next
step is to gain entry. In other words, looking for access to a system which can then be used as
an escalation point.
In the book “Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners by Jason
Andress and Steve Winterfeld”, they clearly describe the attack process. The attack process is
usually focused on a particular system, or set of systems, which an attacker attempts to access,
either by using an outright attack or using credentials that have been discovered somewhere in
the environment, through social engineering, or other means. Once access to a system is
achieved, the next step is to escalate the account on the system in order to escalate the level of
access that the attacker has in order to accomplish their goals. The target for such privilege
escalation is often root or administrator level access, giving the attacker relative freedom on the
system. Given the needed level of access to the system, the attacker can then remove any
information that they wish to, cause damage to the environment in any way that benefits them,
and install any measures that they need to in order to ensure future access.
Is Two Factor Authentication The Answer?
Many of us are familiar with the use of 2FA technology, and many of us carry a fob with us to
gain access to our business systems. But as the migration away from the corporate data center
51 Cyber Warnings E-Magazine – December 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
