The ride tech giant reportedly has suffered a massive security incident, which is likely more extensive than its 2016 data breach and potentially may have compromised its entire network.
A hacker on Thursday was believed to have breached multiple internal systems, with administrative access to Uber’s cloud services.
Through social engineering attack on Slack, hacker was able to convince the employee to accept and approve notification. Hacker authenticated, accessed and scanned internal network via VPN.
- Regularly Conduct Penetration Test
Conduct tests to replicate the threats that the organisation is likely to face. It is better if you uncover hidden system vulnerabilities before the hackers do.
- Implement Least Privilege
One strategy used to prevent this sort of breach is to restrict privileges for user and administrator accounts. By restricting privileges to only what is needed, the impact of one lost account is minimized. BeyondTrust PAM solutions is best for least privilege implementation.
- Set up a cybersecurity hotline for staff if you don’t have one already.
Make it easy for anyone to report cybersecurity issues. A suspicious phone call, an unlikely email attachment, or any form of security threat.
- Never Neglect Cloud Security Monitoring
Cloud services, especially those hosting sensitive data, need effective monitoring to detect any unauthorized access to sensitive data.
- Implement a Password Manager
BeyondTrust Password Safe is an enterprise password manager software which ensures complete control and accountability over all privileged accounts within an organization.
Visit: https://supportlinktech.com/Password-Management/