From the Data Breach Summary:What do pirates on the high-seas have to do with securing web servers and content management systems (CMS)? It seems as though cybercrime is not isolated to the digital world any longer, as old world, Blackbeard-type pirates turn to the web for information that will make their physical attacks more targeted and lucrative. A global shipping conglomerate unfortunately experienced this new reality firsthand. It wasn’t the fact that pirates commandeered one of their cargo vessels, and stole valuable merchandise, but instead it was the precision in which they carried out the theft –the pirates knew exactly what they were looking for and precisely where to find it. An investigation into the shipping company’s systems revealed that pirates exploited existing vulnerabilities within the shipper’s server to successfully upload a malicious web shell onto a server that was managing shipping routes. This enabled the threat actors to download detailed bills of lading that identified desired valuables, their associated crate numbers, and the ships that would transport them.
How an Orchestrated Cyber Defense can Minimize Risks Like This
Want to take your vulnerability management game to the next level? Download our latest white paper, Change the Game in Vulnerability Management, Download nowTo help prevent or minimize risks associated with similar attacks, BeyondTrust recommends an integrated security approach that includes BeyondTrust and 3rd party solutions. Technologies Integrated:
- Asset Management
- Workflow Management & Ticketing
- Patch Management
- Windows Least Privilege
- Vulnerability Management