Attackers took over the popular anime streamer Crunchyroll yesterday for a short time after they got access to Crunchyroll’s Cloudflare configuration and targeted Windows users with a malicious code. The website was taken down as soon as it was discovered and fixed. Chris Olson, CEO at The Media Trust commented below.
Chris Olson, CEO at The Media Trust:
“This is yet another example of how enterprises fail to grasp a simple reality: traditional website security solutions provide inadequate insight and protection for today’s websites, where unmonitored third-party code is rampant. When this third-party vendor code is compromised, so is the enterprise’s digital ecosystem. This is evidenced in many recent high-profile websites and mobile app attacks. Control over the risks posed by digital solution providers, such as Cloudflare, can make the difference between a secure user experience and a widespread malware attack. The onus is on highly-trafficked websites to embrace a security-first approach to design and user experience. The first step is to continuously monitor all executing code – both first and third-party code – on websites and mobile apps to discover what and who is executing in its digital environment.”