The Last Watchdog, 12/3/18, with comments from Satya Gupta;
Target, Home Depot, Yahoo, Blue Cross, Marriott and more – familiar names to us that now all share being subjects of massive data breaches. The latest of Marriott’s, through Starwood hotels that Marriott merged with in 2016, is second in size only to Yahoo. Yahoo holds the record for the largest breach to date of 3 billion accounts. Yahoo had a second, later breach of 500 million. On Friday after the news, Marriott stock fell 6%.
The scale of these attacks is alarming enough. But perhaps even more alarming is how long these attacks go on undetected – aka ‘dwell time,’ in this case, 4 years. These attackers gain access secretly and remain inside for years, carrying out their furtive deeds with no one the wiser.
Satya Gupta, CTO and Co-founder, Virsec, expands on the unique concerns of attacks that involve extensive dwell time.
“What’s most disturbing about this attack is the enormous dwell time inside Starwood’s systems,” says Satya. “The attackers apparently had unauthorized access since 2014 – a massive window of opportunity to explore internal servers, escalate privileges, moves laterally to other systems, and plot a careful exfiltration strategy before being discovered.
“All organizations should assume that the next threat is already inside their networks and won’t be caught by conventional perimeter security. We need much more careful scrutiny of what critical applications are actually doing to spot signs of internal corruption. We must reduce dwell time from years to seconds.”
Read full Massive Marriott breach My Take article