News is surfacing that the French domain name registrar and cloud hosting company, Gandi.net, has had a security breach after hackers got hold of valid login details to one of the company’s technical providers. The hackers were then able to divert traffic for over 750 domains to a malicious website. Gandi has issued an incident report with more details. Barry Shteiman, Director of Threat Research at Exabeam, commented below.
Barry Shteiman, Director of Threat Research at Exabeam:
“The theft of IDs and passwords is by far the most common goal for today’s cyber attackers. Valid credentials really are the keys to the kingdom; once a hacker has them, they have a legitimate means to access files and databases at will, or as in the Gandi case, make changes to critical services in order to cause havoc. To stop such cases, businesses need to be able to detect unusual use of valid credentials. This is why behavioural analytics has grown so quickly over the last couple of years. It can help combat insider threats by notifying the security team when someone is doing something that is unusual and risky, both on an individual basis and compared to peers.”