Is extortion the new ransomware? – TechCrunch

The massive Twitch hack last week was just the latest example of a high-profile breach that has the security industry in a frenzy. Everyone is asking themselves how this could happen, how such a large store of critical data — the source code! — could be taken out without tripping any alarms, how a company with Amazon-level security resources, literally, seemed to find out about the breach only once it started spreading on 4chan.

While security pros wait anxiously to unpack and understand the “part 2” reveal from the hackers, it’s becoming apparent that passwords and user emails are probably coming next, though evidence of this data is already being uncovered by researchers, according to Threat Post.

The PR nightmare for Twitch is only just beginning, and now millions of users’ personal, plain text information will soon percolate among threat actors looking to capitalize on the trove of data released in this hack.

First, it goes without saying that Twitch users need to cycle their passwords immediately and enable multifactor authentication on their accounts if they haven’t done so already; that’s just good security hygiene. Twitch, for its part, reset all stream keys “out of an abundance of caution” and has been able to keep its platform online throughout the crisis. In itself, that’s impressive and notable during such a massive incident.

Ongoing shifts in attack tactics

Beyond the immediately compelling parts of this story — from the enormity of creator payouts to trolling Jeff Bezos — the nature of this attack and the shift toward extortion rather than demanding ransoms is serious and significant.

Breached organizations who’ve lost control of their data no longer have the binary choice of paying for decryption keys or rebuilding from backups. It’s a signal that the calculus for businesses in times of crisis is becoming exponentially more complex when a threat actor’s objective is extortion instead of a straightforward ransomware payout.

Twitch won’t be the last example of this emerging and vexing tactic; one that seems to be gaining momentum.

Staying ahead of the game

I’ll give Twitch the benefit of the doubt and assume it had fairly mature security operations and incident response planning — two elements that companies often woefully underinvest in until it’s too late.

But the situation is a sobering reminder that even when an organization does everything right, there’s still no 100% prevention, and threat actors just have to find one vulnerability to take action. The name of the game, now, is a well-tested, well-documented plan and establishing the response your company wants to have when the unthinkable happens.

Who makes the ultimate decisions? What do you need to shut down and when? Who gets called and in what order? It’s infinitely easier to have these discussions when it’s not a hair-on-fire situation. When the inevitable happens, the company and its response need to be battle tested.

While the full scope of Twitch’s hack remains to be seen, it’s an eye-opening situation that everyone should study as a cautionary tale. Even mature, well-resourced systems can be penetrated, and threat actors are keen to wreak havoc and take control of data without locking it up in ransomware.

Companies must plan and be diligent on process and documentation, and also ensure they’re doing everything possible to detect and minimize the impact to keep themselves protected. They must keep playing an unfair game that’s getting progressively more complicated.

Source link

More from author


Please enter your comment!
Please enter your name here

Related posts


Latest posts

Tecnica’s ‘Recycle Your Boots’ Program

After your ski boots have served you for a period of time it will be time to put them out to pasture.  Hopefully,...

Who What Wear Podcast: Nili Lotan

I read that you grew up wearing uniforms during school, including during your two-year military...

PayPal reportedly considers buying Pinterest at a $39B valuation – TechCrunch

To get a roundup of TechCrunch’s biggest and most important stories delivered to your inbox every day at 3 p.m. PDT, subscribe here. Hello...

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!