Snowflake Falls Victim to Cyber Attack

Snowflake is a cloud provider who houses information from big companies such as AT&T, Lending Tree, Live Nation, Advanced Auto Parts, and Santander Bank. AT&T found out that the attack occurred in 2022 for a six-month period. The hackers tapped into information involving subscribers' calls and text messages. The data did not include customer names, nor did it include the context of calls or texts. Snowflake did not utilize basic password authentication during the time of the attack.

Multi-factor authentication (MFA) is a simple authentication method used in companies to keep user authentication in check. The hacker with the username, UNC5537, was able to authenticate into Snowflake's system using malware to download customer data and then they attempted to sell the data online. Snowflake did not use MFA during the time of the attack in 2022. They had announced the data leak on May 30, 2024, that they were aware of the data leak on May 23,2024. Since the discovery of the data breach, they have enforced the mandatory use of MFA.

This attack comes to show the MFA is a really important implementation when it comes to protecting unauthorized users from the system. The attack left Snowflake's stocks to fall. Snowflake has since then worked with CrowdStrike, a cybersecurity software vendor, and Alphabet's Mandiate to investigate the issue. AT&T did not worry about their finances, but with 242 million customers and 128 million connected devices in May 2024, their reputation was harmed in light of this news.


Reference: https://www.cnbc.com/2024/07/12/snowflake-shares-slip-after-att-says-hackers-accessed-data.html?msockid=16c5f83fe7da6b2724c5f6d4e6726a1d 

Comments

Post a Comment

Popular posts from this blog

What is Computer Security?

The general overview of computer security is to protect and secure computers' data, networks, software and hardware from unauthorized access, misuse, theft, information loss, and other security issues. Although the internet has made it simpler for us to live our lives with many advantages, it has also put our system's security at risk of malware. Malware is malicious software which includes adware, spyware, ransomware and trojan horse.  Technology is ever-growing around the world and we, as the modern people, cannot go a day without today's technology. This ever-growing technology introduces invaders, hackers, and thieves who are all attempting to gain access to our information for personal gains, whether that be monetary gains, recognition purposes, ransom demands, bullying others, and invading other businesses or organizations. This makes computer security a very important topic. The three key objectives that are the heart of computer security are confidentiality, integri...
Read more

Ransomware Groups Cause Mayhem to Industries in 2024 and 2025

Ransomware groups are being investigated internationally, as the attacks disrupt operations. The cyber-criminals behind are growing and even though their operations were disrupted, some in those groups disband and join other groups called RansomHub. BlackCat/ALPHV and LockBit are the name of the other notorious cyber-criminal groups that deploys ransomware. These cyber-criminal groups have claimed 13% more healthcare victims in 2024 with RansomHub as the top cyber-criminal group. These ransomware-as-a-service (RaaS) groups are known now and are being highlighted in the annual Ransomware and Cyber Threat Report from the GuidePoint Security's Research and Intelligence Team (GRIT). GRIT has described law enforcement intervention successful in stopped these attacks, however the attacks continue due to affiliates moving from one RaaS group to another. Law enforcement intervention only decreased last year's ransomware attacks by 8% compared to 2022-2023's 76.8% growth. This avera...
Read more

XZ Utils Supply Chain Attack

XZ Utils is a free software tool that implements compression/decompression algorithms such as XZ and LZMA. These algorithms are used in Unix systems and Linux systems to compress and decompress data. The CVE-2024-3094 backdoor found in XZ Utils was designed to interfere with authentication in Secure Shell Daemon (SSHD), which is the OpenSSH server software that handles Secure Shell (SSH) connections. This backdoor enabled an attacker to execute codes remotely via a SSH login certificate. This only impacts versions 5.6.0 and 5.6.1.  The attacker, Jia Tan with the username of JiaT75, slowly built trust with developers, as many contractors work in XZ Utils. He got to the point where he became co-maintainer of the XZ Utils project and in July 2023, he requested to disable ifunc (GNU indirect function), which is a public tool to detect software vulnerabilities to allow the backdoor to stay undetected upon release. After being on the project for about 2 years to ensure the backdoor could...
Read more