It’s certainly not what Yahoo or its customers would have wanted. But news of the biggest data breach ever recorded serves as a timely reminder of the threats facing the modern data centre as we head into the new year. The internet pioneer may be an extreme example, having now allowed cyber thieves to steal data from 1.5 billion accounts. But organisations of all sizes should see it as a cautionary tale. They need to wake up to the threats facing their data centres or risk following in Yahoo’s footsteps.
The challenge heading into 2017 will be to arm IT teams with tools designed to give them visibility and control over east-west data centre traffic. Only then can they spot and block attacks before they’ve had a chance to impact the organisation.
A Cautionary Tale
Although the Yahoo breach is thought to have taken place back in 2013, it should be a wake-up call to organisations everywhere. Why? Because even a technology company with ample resources, a dedicated CISO and presumably a good understanding of how data centres work ended up suffering a serious breach. That illustrates the stealth and persistence of modern cybercriminals.
What’s more, according to Yahoo CISO Bob Lord’s statement, the firm had no idea it had been breached a second time – it had to be informed by law enforcement. The current median dwell time for cyber attacks is estimated at 146 days. This is hugely damaging for firms, because the longer an adversary is inside the network, the more damage it can do.
Yahoo is certainly not alone. Nearly two-thirds (65%) of large UK firms suffered a security breach or cyber attack in the past year and a quarter of these claimed to have experienced a breach at least once a month, according to the government. That report estimates the average cost of a breach at a conservative £36,500. However, it can be much more, as TalkTalk found out. The ISP was fined £400,000 by the ICO and estimated at the start of the year that its 2015 breach may end up costing it £75-80 million.
The following can all hit an organisation where it hurts following a breach:
- Remediation and clean-up costs
- Legal fees
- Industry fines – especially with the forthcoming European GDPR
- Lost customers
- Brand damage
- Share price devaluation
Turning the Tables
If a large tech-savvy organisation like Yahoo can be hit by two massive breaches, it should tell us that a determined hacker will always find a way inside your network. But too many legacy technologies focus on trying to prevent attacks at the perimeter, leaving a huge blind spot inside the data centre.
IT leaders should therefore look to emerging security technologies designed to shine a light on east-west traffic, spotting attackers as they attempt lateral movement. Dynamic deception techniques can then reroute this traffic into a safe environment for analysis while servers are remediated. It’s all about stopping the attack early on in the kill chain before it’s had a chance to do any damage. With granular visibility into communications between applications down to the process level, IR teams can focus their efforts only on legitimate threats, thereby maximising IT resources.
As we head into 2017, let GuardiCore show you how to shine a light on your cyber assailants with modern, real-time breach detection and response designed to thwart attacks with pinpoint accuracy. To see it in action, take a moment and request a demo.