Two weeks ago, the popular ride-sharing app Uber announced a cybersecurity incident that affected a variety of company accounts. The breach reportedly originated within Uber\u2019s internal Slack communication channel after a hacker tricked an employee into sharing their login credentials. Those credentials were then used to log into Uber\u2019s Amazon Web Services and Google Cloud accounts\u2014and to access sensitive financial data.<\/p>\n
Uber declined to confirm the details of the breach, but The New York Times and the Washington Post both shared screenshots of online conversations with the hacker responsible for the cyberattack. According to those snippets, Uber employees originally thought the breach was a joke, responding to messages from the hacker with GIFs and emojis.<\/p>\n
Once the compromise was confirmed and the hacker threatened to share Uber\u2019s source code, however, company executives disabled Uber\u2019s Slack channel and other internal software tools. Although all of Uber\u2019s apps remained operational for users, and no identifying information was leaked, the negative news arrived at an inopportune time for the company. Former Uber chief of security Joe Sullivan is currently on trial for a 2016 breach that did leak the protected records of 57 million Uber users and drivers. In 2017, the company admitted to concealing the attack and, in 2018, distributed $148 million in compensation to users in all 50 U.S. states and Washington, D.C.<\/p>\n
Unsurprisingly, on September 16th, the day of the hack announcement, Uber\u2019s stock price declined by 5%\u2014and fell another 12% in the week that followed. This clearly illustrates the negative impacts that a cybersecurity incident can have on even the most popular of companies. And there\u2019s no still indication about whether the hackers will try to extort any ransom or financial reward from Uber.<\/p>\n
How did this hack happen?\u00a0It happened by employing social engineering tactics that prey on unsuspecting users. In this case, the responsible hackers claimed that they targeted an Uber employee who worked on the company\u2019s incident response team. Once that single employee\u2019s login credentials were stolen, hackers then gained access to all of Uber\u2019s online systems. Security experts lamented that laughably low bar of entry\u2014especially since it yielded such a big haul of sensitive information.<\/p>\n
No matter the method, the goal is usually the same: to steal sensitive \u200binformation, gain access to protected accounts, and capture company data, often with the hopes of extracting a ransom or financial reward.<\/p>\n
How can you protect your business? CMIT Solutions recommends the following five tips to protect login credentials and mitigate social engineering scams like the one that struck Uber:<\/p>\n
1. Learn how to identify threatening messages.<\/strong>\u00a0Illicit schemes to swipe information and gain access to systems come in a wide variety of formats: fake shipping updates, bland-looking requests to sign an online document, invites to chat on a channel like Slack, or urgent wire transfer confirmations. Cybersecurity training can help you and your employees spot the telltale signs of such social engineering scams. These include suspicious sender addresses, strange syntax, or any kind of alert about resetting a password.<\/p>\n 2. Don\u2019t open suspicious email attachments or click on embedded links.\u00a0<\/strong>Although the Uber hack occurred via a slightly more informal channel like Slack, hackers still try every day to trick users into opening infected PDFs, Word documents, or voice mail files. NEVER open an attachment unless it\u2019s a specific file you\u2019re expecting from a trusted co-worker. The same goes for clicking unfamiliar URLs that urge you to take action. Always check to see whether the URL written in a message matches its destination by right-clicking the link and verifying it against the sender\u2019s email domain (for instance, a message purportedly from Amazon.com should only include links that point to Amazon.com). If you see long strings of nonsensical numbers or letters, DO NOT CLICK the link.<\/p>\n 3.\u00a0Add multi-factor authentication (MFA) to all logins.\u00a0<\/strong>MFA requires computer users and account holders to follow up their standard username\/password login by entering a unique code delivered via text or confirming a push notification sent through a single sign-on (SSO) app. This second layer of cybersecurity can mitigate a compromised credential by throwing up an extra obstacle in the way of a hacker\u2019s attempt to log in and steal information.<\/p>\n 4. Never share personal, financial, or medical information via email, chat, or other online methods.\u00a0<\/strong>One of the most nefarious ways that social engineering operates is by warming up to users and breaking down their natural defenses so that they recklessly share sensitive information. If a colleague or contact requests protected information like passwords, birthdays, or account numbers via email, text, or online chat, double-check the legitimacy of that request with a face-to-face meeting or live phone call.<\/p>\n 5. Partner with a trusted IT provider to assess and enhance cybersecurity protections.\u00a0<\/strong>There isn\u2019t a single security tactic that can protect your business from every digital threat. What you can do, however, is work with a reliable managed services provider (MSP) to construct a multi-layered network of complementary defenses around your technology. That should include basic network security tools like anti-spam, anti-malware, and anti-virus software along with strong firewalls, Internet traffic analysis, and 24\/7 system monitoring to block cyberattacks and safeguard login credentials.<\/p>\n CMIT Solutions has 25 years of experience assessing sophisticated threats, training employees to be the first line of defense, and empowering businesses to stay safe. We work with companies of all sizes in all industries to protect against social engineering scams, ransomware infections, phishing attempts, and other digital dangers.<\/p>\n