What can we learn from this massive IoT breach?
Feb, 06 2020 | Digital Ecosystem, Data
In a recent shocking incident, an organized cyber criminal group hacked the usernames and passwords of servers and routers of over 5 lakhs Internet of Things (IoT) devices. It has shocked the entire IT security community of the USA and the rest of the world. It is quite imperative to note that the hackers intended to gain remote access of the affected devices and steal as much information as possible to put it on the Dark Web. It was even found that the hackers performed a thorough scanning of the IT infra to identify vulnerabilities and installed malware, which allowed them to use different login credentials to perform all the anomalies.
The digital transformation could go for a toss if….
The digital transformation happening due to automation of business processes, Artificial Intelligence, Machine Learning and IoT is transforming our day-to-day life. Organizations - large or small - across the spectrum have several use-cases that have necessitated the increasing use of new technologies. However, these new technologies also pose a huge Information Management risk. When organizations build a network of interconnected devices and manage a large stream of data whether hosted on-prem data centers or public clouds, the threat vector multiples. It happens as the digital ecosystem necessitates the creation of digital identities or ‘privileged identities’. As more and more data is generated to make well-informed and quick decisions, the IT network expands. Networks become segmented and distributed. IT systems are accessed remotely. Organizations may have several third-party relationships that include OEM suppliers, consultants, contractors, and managed service providers. In this backdrop, if an organization is unable to govern on who has the control of data, who is authorized to access information and or monitor and audit the digital identities and their activities-- unauthorized access is inevitable.
Robust Authentication is the key to secure the digital ecosystem
Information security is increasingly vulnerable due to targeted attacks. Such types of attacks mainly arise due to ‘privilege’ identity abuse. Unmonitored and uncontrolled privileged access becomes possible when the authentication mechanism is weak in the digital ecosystem. Inadequate privileged user authentication process, abuse of shared credentials, absence of multi-factor authentication, misuse of elevated privileges are some of the IT security challenges that are faced by organizations from all industries including new technologies. ARCON | Privileged Access Management provides a framework that helps IT security leaders to strengthen the authentication mechanism. Throughout the network, the digital identities are not only continuously assessed for audit purposes but the multifactor authentication which includes adaptive authentication ensures that access to target systems is always authorized.
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behaviour Analytics enables to monitor end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Endpoint Privilege Management mitigates risks arising out of endpoints. ARCON | Secure Compliance Management is a vulnerability assessment tool.