MY TAKE: Massive Marriott breach continues seemingly endless run of successful hacks

The Last Watchdog, 12/3/18, with comments from Satya Gupta;

Target, Home Depot, Yahoo, Blue Cross, Marriott and more – familiar names to us that now all share being subjects of massive data breaches. The latest of Marriott’s, through Starwood hotels that Marriott merged with in 2016, is second in size only to Yahoo. Yahoo holds the record for the largest breach to date of 3 billion accounts. Yahoo had a second, later breach of 500 million. On Friday after the news, Marriott stock fell 6%.

The scale of these attacks is alarming enough. But perhaps even more alarming is how long these attacks go on undetected – aka ‘dwell time,’ in this case, 4 years. These attackers gain access secretly and remain inside for years, carrying out their furtive deeds with no one the wiser.

Satya Gupta, CTO and Co-founder, Virsec, expands on the unique concerns of attacks that involve extensive dwell time.

“What’s most disturbing about this attack is the enormous dwell time inside Starwood’s systems,” says Satya. “The attackers apparently had unauthorized access since 2014 – a massive window of opportunity to explore internal servers, escalate privileges, moves laterally to other systems, and plot a careful exfiltration strategy before being discovered.

“All organizations should assume that the next threat is already inside their networks and won’t be caught by conventional perimeter security. We need much more careful scrutiny of what critical applications are actually doing to spot signs of internal corruption. We must reduce dwell time from years to seconds.”

Read full Massive Marriott breach My Take article

By |2018-12-15T20:41:02+00:00December 5th, 2018|Virsec in the News|

About the Author:

With fifteen+ years of marketing management and content development experience in the cybersecurity space, Michelle writes about security technology, solutions and news in blogs, white papers, product briefs, newsletters and more. Michelle holds a Masters in English from San Jose State University.

Leave A Comment