MOVEit and MGM Resorts Hacks, U.S. Senate's Email System Melts Down, Cisco Can't Stop Using Static Passwords, and Listener Questions
Oct 19, 2023
auto_awesome
Updates on MOVEit and MGM Resorts hacks, US Senate email system meltdown, Cisco's use of static passwords. Listener questions on single sign-on, circumventing IT rules, LinkedIn profiles.
01:24:49
AI Summary
AI Chapters
Episode notes
auto_awesome
Podcast summary created with Snipd AI
Quick takeaways
The recent hack of the file transfer software, MoveIT, highlights the growing trend of targeted attacks on software vulnerabilities by ransomware groups.
The US Department of State's failure to implement effective security measures raises concerns about the vulnerability of a vital government agency.
The US Senate's email system meltdown underscores the importance of proper IT training and email management policies.
Deep dives
MGM hack leads to massive theft of sensitive information
The popular file transfer software, MoveIT, was hacked by the Clop ransomware gang, resulting in 62 million people and over 2,000 organizations being affected. The cybercriminals earned between $75-100 million from this breach. This incident highlights the increasing focused targeting of software vulnerabilities by ransomware groups, emphasizing the need for proactive security measures.
US State Department lacks effective IT security
The US Department of State has largely failed to implement an effective security risk program, as auditors have found. Despite writing a risk management strategy for IT security, the department has not fully implemented security recommendations and has systems still running years past their end-of-life. This raises concerns about the vulnerability of one of the most important government agencies in the US.
Senate email system crashes due to reply all
The US Senate's email system experienced a meltdown after thousands of employees replied all to a security test email. The incident highlights the persistence of reply-all issues even in 2023, showcasing the need for proper IT training and email management policies.
End of life systems pose security risks for the State Department
The GAO found that the US State Department has numerous systems that have reached end of life, with some installations running operating systems that are over 13 years past their end-of-life date. This lack of maintenance and outdated systems poses significant security risks for the department and potentially leaves it vulnerable to cyber attacks.
Cisco vulnerability due to static user credentials
A new vulnerability has been identified in Cisco's emergency responder product, which allows attackers to exploit the presence of static user credentials for the root account. These credentials, typically reserved for deployment, can be used to log into affected systems. The issue of static passwords has been an ongoing problem for Cisco and other products, often implemented to minimize support calls and tickets. However, the presence of these passwords can also stem from development processes or backdoor access. It is crucial for organizations to address these vulnerabilities and encourage clients to change or remove static username and password combinations.
Security considerations with single sign-on (SSO)
SSO (single sign-on) is an authentication method that allows users to access multiple applications and services with a single set of credentials. While SSO offers benefits such as reducing the need for multiple logins and enabling stronger password policies, it also requires high availability and careful implementation. Organizations implementing SSO should consider incorporating additional security measures like multi-factor authentication, access controls, and limitation of user access to specific services. It's important to follow a zero-trust model, focusing on micro-segmentation and authorization to control and secure access to resources. While there are downsides and deployment complexities, the overall benefits of SSO outweigh them, making it a worthwhile improvement for many organizations.
This week on Hacker And The Fed we offer updates on the MOVEit and MGM Resorts hacks, the US State Department has no idea if its IT security actually works, the Senate's email system melts down in the face of a security test, Cisco can't stop using static passwords, and we answer listener questions about Single Sign-on, circumventing company IT rules, and LinkedIn profiles.
Links from the episode:
MOVEit Maker Announces New Critical Vulnerability Affecting a Different File Transfer Tool
