JD Sports admits data breach

JD Sports has warned that customers who bought items on its website, as well as those of Size?, Blacks and Millets, between November 2018 and October 2020 may have been impacted in the breach.

The company has urged customers to be wary of potential phishing emails, calls and texts in the aftermath of the breach, while claiming it was proactively contacting those whose details were confirmed to be stolen. Paul Bischoff, Consumer Privacy Advocate at Comparitech, echoed this sentiment, warning that “customers of JD and its affiliated brands should be on the lookout for targeted phishing messages from JD or a related company. These emails will attempt to get victims to click on a link or malicious attachment. The links might go to imitation login pages where victims are tricked into handing over their passwords or payment info. Never click on links or attachments in unsolicited messages!”

While it is not believed that passwords or full payment card data was exposed, JD Sports has admitted that cybercriminals may have gained access to the final four digits of customers’ payment cards.

Neil Greenhalgh, CFO at JD Sports, apologised to affected customers and confirmed that the company is working to mitigate damages.

“We are continuing with a full review of our cyber security in partnership with external specialists following this incident. Protecting the data of our customers is an absolute priority for JD,” he said.

A spokesperson for the Information Commissioner’s Office later confirmed it was working with the retailer to get to the bottom of the breach.

“We have been made aware of a cyber incident involving the retailer JD Sports and we are assessing the information provided,” they said.

The breach comes amidst a spate of high-profile cyberattacks in recent weeks, including on the UK newspaper The Guardian and email marketing service Mailchimp. Jamie Akhtar, CEO and co-founder of CyberSmart, notes that “JD Sports is the latest British household name to fall prey to a cyber attack. And this really fits the trend we’re seeing; the current economic downturn has led to cybercriminals redoubling their efforts to steal potentially valuable personal data.” 

Aside from the economic downturn, some experts have cited a fluctuating technology landscape as a key factor in these high-profile cyberattacks.

“The JD Sports cyber incident is a reminder for all organisations that globally we can expect an increase in breaches due to our digital dependence, especially as businesses recover from the COVID technology shifts, and continuing threat shifts. Sadly, whilst companies spent years solidifying their capabilities for GDPR, in the last couple of years data has become far more fragmented by quick shifts to the cloud,” said Greg Day, SVP and Global CISO at Cybereason.

Erfan Shadabi, Cybersecurity Expert at comforte AG, argued that cyberattacks on large retail and e-commerce businesses should come as no surprise, considering the enormous amount of sensitive personal data (PII) about existing and prospective customers, as well as their dependence on transactions to drive their business forward.

“Retailers and e-commerce organizations must absolutely assume that their environment is currently under attack and protect this sensitive data accordingly. Businesses in these sectors need to apply data-centric protection to any sensitive data within their ecosystem (PII, financial, and transactional) as soon as it enters the environment and keep it protected even as employees work with that data. By tokenizing any PII or transactional data, they can strongly protect that information while preserving the original data format, making it easier for business applications to support tokenized data within their workflows,” he said.
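Tokenization that preserves the original data format, as described in the quote above, can be sketched as follows. This is an added example, not comforte AG's product or code: it uses random, vault-backed tokens rather than format-preserving encryption, and the `TokenVault` class, its in-memory storage, the `keep_last` option and the sample values are assumptions.

```python
import secrets
import string


def shape(value):
    """Format signature: digit -> 9, lowercase -> a, uppercase -> A, rest kept."""
    out = []
    for ch in value:
        if ch in string.digits:
            out.append("9")
        elif ch in string.ascii_lowercase:
            out.append("a")
        elif ch in string.ascii_uppercase:
            out.append("A")
        else:
            out.append(ch)
    return "".join(out)


def random_like(ch):
    """Random character from the same class as `ch` (digit, lower, upper)."""
    for alphabet in (string.digits, string.ascii_lowercase, string.ascii_uppercase):
        if ch in alphabet:
            return secrets.choice(alphabet)
    raise ValueError("unsupported character: %r" % ch)


class TokenVault:
    """In-memory stand-in for a tokenization vault (hypothetical).

    A real vault is a separate, access-controlled service; only the tokens
    travel through business applications.
    """

    MAX_TRIES = 100

    def __init__(self, keep_last=0):
        self.keep_last = keep_last  # trailing letters/digits left in clear
        self._to_token = {}
        self._to_value = {}

    def tokenize(self, value):
        # Same input always yields the same token, so joins and lookups still work.
        if value in self._to_token:
            return self._to_token[value]
        # Fail closed: never pass an unsupported letter or digit through in clear.
        for ch in value:
            if ch.isalnum() and not ch.isascii():
                raise ValueError("unsupported character: %r" % ch)
        positions = [i for i, ch in enumerate(value) if ch.isalnum()]
        replaceable = positions[:max(0, len(positions) - self.keep_last)]
        if not replaceable:
            raise ValueError("nothing to tokenize in %r" % value)
        for _ in range(self.MAX_TRIES):
            chars = list(value)
            for i in replaceable:
                chars[i] = random_like(chars[i])
            token = "".join(chars)
            # Reject tokens that equal the input or collide with stored data.
            if (token != value and token not in self._to_value
                    and token not in self._to_token):
                self._to_token[value] = token
                self._to_value[token] = value
                return token
        raise RuntimeError("could not find an unused token")

    def detokenize(self, token):
        """Only the vault can map a token back; unknown tokens raise KeyError."""
        return self._to_value[token]


if __name__ == "__main__":
    # Constructed sample values (a well-known test card number, a made-up e-mail).
    cards = TokenVault(keep_last=4)
    print(cards.tokenize("4111 1111 1111 1111"))
    print(TokenVault().tokenize("Jane.Doe@example.com"))
```

Because separators, length and character classes are unchanged, a field validator or database column sized for the original value accepts the token as well.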







The post JD Sports admits data breach appeared first on IT Security Guru.

Data Privacy Day: Securing your data with a password manager

This year’s annual Data Privacy Day falls on January 28th. Each year, the day provides an opportunity to educate consumers and organisations alike on the importance of privacy and staying safe online. Since the awareness around data privacy is still somewhat lacking, we’ve come up with a piece that you can share with your less tech-savvy friends and family members. Staying secure online and protecting sensitive information is something that everyone should know how to do, not just IT professionals, which is why Keeper Security is sharing some of our top tips on how to do so.


Despite the fact that data is growing in value and being used more frequently by organisations, there still isn’t enough awareness around the many risks that come with the collecting and handling of it. Darren Guccione, CEO and Co-founder of Keeper Security, has offered up some tips to best secure your online accounts and stay safe on the internet.


So, how can consumers protect themselves?


Improving your password habits:


  • Do not use any combination of characters that is easy to guess.
  • Avoid using the same password across multiple accounts as well as including any personal information.
  • Recognisable keystroke patterns or short passwords should also be avoided.
  • Don’t use repeated letters or numbers as a password.
  • Instead, use lengthy combinations of letters, symbols and numbers.
  • Create a memorable phrase called a passphrase, replacing certain letters with numbers or symbols in a random order.
  • Create mnemonic passwords, inspired by notable events for example.
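The habits in this list can be checked mechanically before a password is accepted. The checker below is an added example, not Keeper Security's code; the function names, the 12-character minimum, the keyboard rows, the substitution table and the sample passwords are assumptions.

```python
import re

MIN_LENGTH = 12  # assumed threshold; the article only says "lengthy"

# Keyboard rows and plain sequences treated as keystroke patterns (assumed list).
KEY_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm",
            "abcdefghijklmnopqrstuvwxyz"]

# Common letter-for-symbol swaps, undone before looking for personal details.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})


def has_keyboard_run(password, run=4):
    """True if `run` neighbouring keys of one row appear, in either direction."""
    low = password.lower()
    for row in KEY_ROWS:
        for seq in (row, row[::-1]):
            for i in range(len(seq) - run + 1):
                if seq[i:i + run] in low:
                    return True
    return False


def has_repeats(password, run=3):
    """True if one character occurs `run` or more times in a row."""
    return re.search(r"(.)\1{%d,}" % (run - 1), password) is not None


def contains_personal_info(password, personal_info):
    """True if a personal detail of 3+ characters is embedded, even with swaps."""
    raw = password.lower()
    plain = raw.translate(LEET)
    for item in personal_info:
        needle = str(item).lower()
        if len(needle) >= 3 and (needle in raw or needle.translate(LEET) in plain):
            return True
    return False


def check_password(password, personal_info=(), other_passwords=()):
    """Return the set of habits from the list that `password` violates."""
    issues = set()
    if len(password) < MIN_LENGTH:
        issues.add("too_short")
    if has_keyboard_run(password):
        issues.add("keyboard_pattern")
    if has_repeats(password):
        issues.add("repeated_characters")
    if contains_personal_info(password, personal_info):
        issues.add("contains_personal_info")
    if password in other_passwords:
        issues.add("reused")
    has_letter = any(c.isalpha() for c in password)
    has_digit = any(c.isdigit() for c in password)
    has_symbol = any(not c.isalnum() for c in password)
    if not (has_letter and has_digit and has_symbol):
        issues.add("missing_character_class")
    return issues


if __name__ == "__main__":
    # Constructed sample passwords.
    for pw in ("qwerty123", "aaaa1111!!!!", "correct-Horse-7-battery"):
        print(pw, sorted(check_password(pw)))
```

Note that the personal-information check undoes simple letter-for-number swaps first, so a name spelled with digits is still flagged.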


Thinking before you click:


The most effective way to stay safe is to not share personal information online. Be wary of anyone you meet on the internet looking for specific details about your personal life. Also, don’t click on links or download attachments from emails that you are uncertain of. Always be sure to check the subject line as well as the sender email, and fact check the content before you proceed. Most important of all is to secure your passwords: always use a unique, strong password for every online account and application. For additional security, use a password manager to simplify the creation and maintenance of strong passwords.


What is a password manager?


In order to adequately protect your data online, it’s vital to secure your accounts. That seems easy enough; however, many online users lose track of how many accounts they own, and each account has to (or should) have a unique, strong password. Now, how easy is it to remember each and every individual password for all your online accounts?


Most people would say it’s not.


This is where a password manager comes in. It can not only safely store all existing passwords, but can also help users come up with new, strong passwords. They’re an excellent security solution that can be accessed from anywhere, be it your computer or your mobile devices. All data will be stored and protected from unauthorised threat-actors trying to steal credentials.


Adopting a password manager


A password manager allows you to store and protect your passwords with encryption and zero-knowledge security. This means that even if there were to be a breach, the threat-actor wouldn’t be able to access the passwords or steal them. Having a password manager also saves individuals the pain of having to remember all their passwords – instead, they can simply go on a website and it will fill their credentials in automatically.


Most password managers are supported by popular platforms like Windows, MacOS, iOS and Android. As such, it makes managing accounts much easier, taking the stress out of remembering and creating complex passwords to secure important accounts and sensitive data.


T-Mobile Data Breach: 37 million customers affected

Roughly 37 million T-Mobile customers have had their information stolen in a data breach, according to a statement published by the company late last night. Fortunately, T-Mobile has said that while hackers accessed names, addresses, and dates of birth, they were not able to access more sensitive information such as Social Security or credit card numbers. 


But according to Sam Curry, Chief Security Officer at Cybereason, “what is or isn’t sensitive is an important question to ask. Whether or not sensitive data and financial information was lost, isn’t the point. Customer information is a privilege to hold, not a right; and while it’s great that T-Mobile’s network wasn’t compromised in this instance, and that outright theft wasn’t enabled through loss of direct billing numbers, eroding privacy and making it easier for hackers to compromise identities is still important and sensitive.” 

T-Mobile has also revealed the hacker leveraged an application programming interface (API) to obtain the data. This isn’t the first time a major telecom has been hit with a data breach at the hands of an API issue – just last year the Australian organisation Optus suffered a similar fate, being forced to allocate $140m to rectify the issue. 

An attack of this magnitude was bound to make waves in the industry, and experts are waiting with bated breath for the results of T-Mobile’s investigation.

“It appears that T-Mobile moved quickly and, while the details aren’t yet known, the world is paying attention to the results of this investigation. Hackers are innovative, and companies with valuable data and services are always a target, but it remains to be seen if the compromises in 2023 are similar to the ones suffered by T-Mobile in 2021. Did the company learn from 2021? Was 2023 unique? Was this a case this time around of anyone can fail occasionally or is it worse than that? Only time and the facts will tell us and tell T-Mobile and fellow practitioners what the new lessons-to-be-learned are,” Curry continued.


Cost of data breaches to global businesses at five-year high

Research from business insurer Hiscox shows that the cost of dealing with cyber events for businesses has more than tripled since 2018. The study, which collated data from the organisation’s previous five annual Cyber Readiness reports, has revealed that:

  • Since 2018 the median IT budgets for cyber security more than tripled
  • Between 2020 and 2022 cyber-attacks increased by over a quarter
  • Businesses are increasing their cyber security budgets year-on-year

In the Hiscox 2022 Cyber Readiness report, the financial toll of cyber incidents, including data breaches, was estimated to be $16,950 (£15,265) on average. As the cost of cybercrime grew, so did organisations’ cybersecurity budgets – average spending on cybersecurity tripled from 2018 to 2022, rocketing from $1,470,196.05 (£1,323,973.13) to $5,235,162.16 (£4,714,482.83).

Hiscox has also revealed that half of all companies surveyed suffered at least one cyber attack in 2022, up 11% from 2020. Financial Services, as well as Technology, Media and Telecom (TMT) sectors even reported a minimum of one attack for three consecutive years. Financial Services firms, however, seemed to be hit the hardest, with 66% reporting being impacted by cyber attacks in 2021-2022.

Alana Muir, Head of Cyber at Hiscox, commented on the findings, saying: “Cyber risk has risen to the same strategic level as traditional financial and operational risks, thanks to a growing realisation by businesses that the impact can be just as severe. While there has been some fluctuation over the years, cyber attacks are on the rise, so the increased focus and investment from businesses to minimise damage to their brand, operations and customers is positive.

“A proactive approach to cyber security is the best way to reduce the likelihood of a cyber event and limit the impact. Businesses should regularly evaluate their processes, people management and knowledge of the subject, and aim to create a culture of cyber security where everyone is well-equipped to respond, should the worst happen.”




Data stolen after Hackers hit 14 UK schools

Hackers have launched a successful cyberattack against schools across the UK and have left confidential information related to pupils leaked online.

In total, 14 schools have been impacted, with the sensitive data stolen including passport details, which were likely needed for trips abroad, as well as contracts and pay scales for members of staff.

As reported by the BBC, the attack took place in 2022 with hacking group Vice Society named as the perpetrators. After refusing to pay the ransom, the information was posted online.

Vice Society have been known to target educational institutions in the UK and US, with a string of attacks associated with the group taking place recently. For instance, 500 gigabytes of data from the entire Los Angeles Unified School District were stolen and resulted in the FBI issuing an alert on the group’s activities as a warning.

Commenting on the news and offering their thoughts and advice are the following cybersecurity professionals:

Erfan Shadabi, cybersecurity expert at comforte AG:

“Given the troves of personal information stored within lower and higher education institutions, they will always be a target for cybercriminals. As a private individual, sometimes there’s no way to be sure that the services we use are protected by an adequate amount of security. Even if you don’t enter your ID, name, address, or even payment details, they can be used to start fraudulent activities. This incident is, however, very serious as many children’s PII was compromised. With an ever-growing attack surface, building just another wall around the institution’s network or a segment of sensitive data is not the best way forward, especially when it comes to phishing attacks that are likely to generate some hits. In the end, if you’re an educational institute, the most important thing to do is to protect your students’ and employees’ data, as well as your precious and highly valuable research, rather than the borders around that information. With modern solutions such as format-preserving encryption or tokenization, you can render useless to hackers any PII (including names, addresses, and IDs) or other data you deem sensitive, even if they manage to penetrate your strengthened perimeters and actually get their hands on it.”

Darren Guccione, CEO, Keeper Security:

“This latest incident of Vice Society criminal activity demonstrates why parents and students must make cybersecurity a priority. A password manager is a critical first step that can help them create high-strength, unique passwords for all of their online accounts, applications and systems which will help prevent future attacks and mitigate the risk of sprawl if their information is posted to the dark web and sold. Additionally, they should immediately implement a dark web monitoring service, which will alert them if their stolen credentials and information are available on the dark web. Dark web monitoring will prompt them with an alert in real time so they can take immediate action to protect themselves from a future data breach. Lastly, they should enable two-factor authentication (2FA) on all of their websites and applications that provide this additional protection. 2FA is a powerful and simple way to safeguard accounts from a remote attacker.”


What Is Data Management And Why Is It Important?

Data management is an important aspect of a business. If your data is not managed correctly, it can lead to all sorts of problems for your company. This blog post discusses data management and why it is so important. It also provides some tips on how you can improve your data management process.

What is data management?

In short, data management is the process of collecting, organizing, storing, and protecting data. It involves various activities such as gathering, validating, transforming, sorting, exploring, and analyzing data to create meaningful insights that can be used for decision-making. Different data intelligence platforms are used for these processes. These platforms enable businesses to collect and store data from multiple sources, such as web, mobile, and CRM systems, so that this data can be used for analysis.

Why is data management critical?

Data management is critical because it enables businesses to make informed decisions based on accurate and timely insights. It also helps organizations identify trends in the market and create strategies accordingly. Proper data management also helps safeguard businesses from security breaches and other risks associated with data misuse.

● Make informed decisions

Using the data gathered, businesses can apply data analytics techniques such as machine learning to analyze, explore, and interpret it. This generates meaningful insights that give a sound basis for informed decisions. For instance, if you are running a marketing campaign, you can use this data to understand what kind of content resonates with your target audience and create strategies accordingly. If your target market is in a particular region, you can use data analytics to determine the best time and place for your campaigns.

● Interpret business trends

To get ahead of your competitors, staying up to date with the latest trends in your industry is crucial. With the help of data analysis, you can identify emerging trends and adjust your business strategies accordingly. For example, if a new fashion trend affects your target market, you can use this data to create content or products that cater to this trend. Often, data analytics can provide insights you may not have even been aware of, such as a new customer segment for your product or a potential acquisition opportunity. But you must remember that data analysis is only as good as the data it is based on. This means you must ensure that the information you gather is accurate and based on reliable sources.

● Improve security

Data management also plays a crucial role in protecting businesses from security risks. By using secure storage solutions and encrypting the data, companies can protect their confidential information. Organizations should also have a system to monitor suspicious activities and take steps if any security threats arise. For example, if your data is stored on the cloud, you should set up logging and notification systems that alert you when suspicious activity occurs. Properly managing your data and taking precautions to protect it can reduce the risk of a security breach.

How can your business improve its data management?

Data management is an ongoing process that requires constant review and improvement. Here are a few tips to help you enhance your business’s data management process:

  1. Establish data governance: First and foremost, you need to establish a robust data governance framework that outlines the standards for collecting, storing, and sharing data across your organization. It should also include provisions for data privacy and security.
  2. Invest in reliable storage solutions: Any business dealing with sensitive customer information needs to invest in secure storage solutions such as cloud storage services or encrypted hard drives.
  3. Automate the data management process: By automating your data management process, you can save time and effort while also increasing accuracy and efficiency. This can be done using specialized software or AI-driven analytics platforms.
  4. Enforce data security policies: Ensure all employees are aware of your organization’s data security policies and consider implementing additional measures, such as setting up two-factor authentication or password standards.
  5. Monitor data usage: Finally, it is essential to monitor who has access to what data to ensure that it is not being misused or abused. This can be done by regularly auditing the system and tracking user activity.

Data management is essential for businesses to make informed decisions and stay ahead of the competition. It helps them identify trends and interpret them to create strategies to help them succeed. Additionally, data management also aids businesses in protecting their confidential data from security breaches and other risks. To reap the benefits of data management, organizations must ensure that they have a proper system for securely collecting, managing, and storing their data. Rest assured that you can take your data management to the next level with some effort and expertise.



Can you trust the US Government with your data?

Since 2014, the US government has suffered 822 breaches affecting nearly 175 million records. Based on the average cost per breached record (as reported by IBM each year), Comparitech estimates these breaches have cost government entities over $26 billion from 2014 to October 2022.

In 2018 and 2019, the number of government breaches hit an all-time high with 116 and 118 breaches respectively. In 2020, breaches decreased to 107 before increasing again to 116 in 2021. So far this year, there have been 61 data breaches affecting 2.9 million people.

The number of records affected in these data breaches has fallen significantly in the last few years. 2018 saw a colossal 83 million breached records. They mainly stemmed from one breach on the US Postal Service, affecting 60 million records. In 2019, this figure dropped to 1.4 million before hovering around the 3 million mark for the next three years.

Over the last four years, the average number of records involved per government data breach has increased. From 17,400 in 2019 to 42,097 in 2020 and 40,440 in 2021, the average number of records affected per breach in 2022 currently stands at 71,534. While the frequency of attacks may have declined, the impact of individual attacks has increased. The true extent of breaches often isn’t felt for months, if not years, so the average number of records affected per breach for this year could increase even further yet.

Key findings include: 

From 2014 to October 2022:

  • 822 government entities suffered data breaches
  • 174,963,934 records were affected because of these breaches
  • The cost of these affected records was $26 billion
  • 2019 was the biggest year for breaches with 118 in total, followed closely by 2018 and 2021 – both with 116
  • 2018 had the highest number of records affected – 83,293,815 in total
  • California had the most breaches overall (108) and the District of Columbia had the highest number of records affected overall (91.2 million). DC’s vast number of affected records stems from many government offices being based here
  • The most common type of breach was hacking with 256 breaches. Those involving inadvertent disclosure were the second-largest breach type with 192 breaches
  • Cities/towns were the most-affected government entity type from 2019 to Oct 2022 with 124 breached, while counties were breached 56 times during the same time period

From the start of 2014 to October 2022, data breaches have approximately cost US government organisations over $26 billion.

While this figure sounds relatively high for these 822 data breaches, the true costs are likely much higher. This is not just because of all of the other costs involved in a data breach (e.g. recovery costs and ransom payments) but because some figures are unavailable for the number of records involved in these breaches.


The Main Advantages Of Using XDR Security System To Safeguard Business Data

The goal of XDR systems is to detect and counter security threats at all stages of the cyber-attack, from the point of entry to data extraction. This system offers a universal approach to ensuring the entire security landscape is protected from threats that could cause considerable losses to the organization. The following are the main advantages of using XDR in your business:


#1. Enhanced Visibility

Sufficient visibility is vital in the cybersecurity sector. Having enough information about possible security threats helps the security expert to develop more robust defense mechanisms. This has been one of the key drivers of demand for XDR from many organizations. XDR is a security tool that integrates data from various sources, such as endpoint devices, email systems, and network traffic. This data helps the security expert build a profile of the organization’s environment and come up with ways of quickly detecting potential threats.


#2. Greater Control

Data has become vital for businesses globally. Businesses therefore need reliable data protection systems to protect themselves from the loss or theft of company information. A good option is using XDR, which provides protection and flexible control of access to company information. An XDR system enables a business to establish granular permissions that define which users have access to what information. In addition, XDR security enables the business to monitor and audit how company information is utilized.


#3. Advanced Perimeter Protection

Businesses that use XDR systems can benefit from having stronger perimeter security because XDR solutions offer a complete assessment of the activity happening across the network. Since XDR combines data from numerous security protocols and devices, it is easy for a security analyst to see everything that is happening with the network all the time.


#4. Shorter Response Time

As world processes are being digitized more and more, there is an increasing demand for faster solutions. For example, many businesses globally want all the necessary decisions to be made faster and operational glitches addressed as soon as they crop up. This has led to the widespread adoption of XDR solutions. This is because XDR can detect problems early and stop them from causing a lasting negative impact on the business.


#5. Improved Management Of Security Systems

XDR relies on machine learning and artificial intelligence to identify and counter threats as they occur in real-time. In addition, XDR allows for the automation of most of the manual processes that come with conventional security management systems, thereby lowering the overall cost of security risk management.


Issues Hampering Full Application Of XDR Systems

Despite the many benefits of using XDR systems, there are several challenges during the implementation phase of this security solution. For instance, deploying the system is somewhat complex and may not be appropriate for all organizations. Below are the significant challenges faced during the implementation of XDR:


#1. Conflict With Legal Systems

Before implementing a new security system like XDR, it is crucial to ensure it is compatible with all the legal requirements in that jurisdiction. The efficacy of the system depends on its ability to connect to and gather information from numerous legacy systems. This can be challenging, notably if the design of the legacy system lacks the necessary security features. For example, the system may lack the required APIs or could be configured in a manner that significantly limits data extraction.


#2. Integration Difficulties

A robust security system must be implemented properly if it is to give an organization’s data maximum security. Nonetheless, it can be difficult to implement an XDR security system. This is because an XDR solution needs to combine and work with numerous existing security systems to function correctly and safeguard company data. To provide complete online protection, the XDR system must gather and correlate data from numerous and different sources.


#3. Getting Used To The New Security System

It can be difficult for the business staff to adapt and get used to the newly installed security system, especially if they have been using the traditional security system for some time. The business staff might need to be trained on the best ways of utilizing the new security system, while some extra measures may be necessary at this point to guarantee that business data is stored and accessed safely.



Hive Group Admits to Leaking Data in Tata Power Ransomware Attack

Reports have said that the Hive ransomware-as-a-service (RaaS) group has claimed responsibility for the cyber-attack against Tata Power disclosed by the company on October 14 and believed to have occurred on October 3.

“The company has taken steps to retrieve and restore the systems. All critical operational systems are functioning,” the Mumbai-based company said at the time.

Security researcher Rakesh Krishnan has claimed that the leak has reportedly affected several of Tata’s 12 million customers and includes personally identifiable information (PII) like Aadhaar national identity card numbers, tax account numbers, salary information, addresses and phone numbers, among others.

It appears that many have taken Hive leaking the stolen data to mean that any ransomware negotiations failed, but Edward Liebig, global director of cyber-ecosystem at Hexagon, has suggested a different option.

“Let’s face it, even if negotiations are successful, there is still only a 50% chance of recovery of the encrypted assets,” Liebig told Infosecurity in an emailed statement.

“The decision to pay or not to pay is a business call. If the organization is in a very vulnerable position (recovery of assets is not possible), if there is a chance for extremely damaging information to be compromised, or if the potential business impact far outweighs the ransom payment, then the business may decide to pay.”

The executive has said another aspect to consider in this scenario is the rules of the cyber insurance carrier.

“Some Cyber Insurers prohibit the payment of a ransom,” Liebig said. “This means that a ransomware Incident Response (IR) playbook must have a very defined and comprehensive declaration and approval process that goes to the top of the executive team.”

Further to this, Liebig has said he believes that increasing the chances of defending against ransomware begins with watching the front and back doors.

“Watch for, block, and educate against incoming spam and phishing attempts. Know your assets and endpoints. Know and mitigate the vulnerabilities within your environment that enable the exploitation of those assets,” Liebig explained.

“The best way to defend against ransomware is never to let it take root in your systems. The next best way is to have a bulletproof, trusted recovery strategy to minimize downtime and eliminate the ‘ransom’ debate.”

According to statistics published by Intel 471 and Digital Shadows, Hive was the third-most prevalent ransomware family observed in Q3 2022.

Lastly, the ransomware group also upgraded its tools to Rust in July to deliver more sophisticated encryption.


Optus telco data breach – what we know so far

Optus, an Australian telecoms provider, has become the latest high-profile victim of a data breach – with the alleged attacker demanding payment to buy back millions of customer records, having already made 10,000 public online. In the most recent developments, the attacker has now rescinded threats and deleted them from a data breach website. However, it does not change the fact that someone was able to access these customer records, including names, dates of birth, driver’s licence numbers, addresses, phone numbers, Medicare numbers and passport numbers, in the first place, leaving many Optus customers feeling vulnerable.


But how did this happen?


It appears that an unauthenticated application programming interface (API) was to blame.


Curtis Simpson, CISO at Armis, explained: “APIs are the entry point into the modern application and the data it processes. Exposures associated with APIs range from configuration-based to logic-based vulnerabilities that can be exploited to compromise platforms, networks, users, and data. Traditional edge security and application security testing capabilities are not identifying nor facilitating the remediation or protection against the exploitation of such exposures at scale across our cloud environments that continue to transform alongside our business operations. Real-time logic-based protections, API exposure analysis, prioritisation, and remediation through development stacks are examples of capabilities that must be embraced in order to safeguard modern web services.”


He continued: “Digital business is done over APIs. Our security programmes and technologies must continue to evolve around where our businesses live and operate.”


Adam Fisher, solutions architect at Salt Security elaborated further in his blog on the incident:


“Human error nearly always plays a role in breaches, but it’s not just a case of individuals being more careful. APIs touch all areas within an organisation, not just development. Typically, multiple teams share ownership across APIs. Often miscommunication (or incomplete communication) can lead to problems. For example, infrastructure teams may assume that the development team has already managed authentication requirements. They may believe that the API has already gone through a security review when, in fact, it hasn’t.


“Unfortunately, miscommunication is fairly commonplace. Moreover, in the case of Optus, it appears that the network team unintentionally made a test network available on the Internet, which could then be easily exploited.”


Professor John Goodacre, director of the UKRI’s Digital Security by Design challenge and professor of computer architectures at the University of Manchester, added:


“Cyber attackers work in a promiscuous world in which a single mistake in configuration or vulnerability in a digital system can be used to potentially steal data or perturb its operation. Connection with the Internet means this can originate from anywhere, with no one anywhere safe. Accepting that to err is human means everyone, everywhere can suffer attacks. Barriers need to be placed in systems by design that work to block the exploitation of vulnerabilities. The ISP and telco that deliver the Internet can see trends in traffic from where attacks originate, but if a single hacker’s request finds an open door in a remote system, there is little technology can do to differentiate this in isolation.”


Salt Security’s Fisher, meanwhile, posited that there is value in organisations treating API security as its own discipline, particularly as digitisation grows and APIs underpin that movement. He advised ISPs and telcos to:

  • Know the risks – starting with the threats identified in the OWASP API Security Top 10
  • Ensure a cross-functional approach – API security must be communicated and supported cross-functionally across the organization
  • Continuously monitor APIs – in addition to having a complete API inventory, telcos and ISPs must continuously monitor the APIs in their environment for deviations in behavior.


“To identify potential API threats, organisations must understand how APIs normally operate within their environments. Having this insight will enable telcos to quickly identify and speed threat response before a bad actor accesses their critical user data…or worse,” Fisher concluded.
