Security Expert Re: Maze Ransomware Attacks ST Engineering’s U.S. Aerospace Subsidiary

The fact that “ a compromised Administrator account” was the entry point for the Maze ransomware breach will be lost on most people. The truth is that hackers breached VT SAA’s defenses by bypassing their Maginot Line, or, perhaps more appropriately for the shareholders of ST Aerospace - the guns were pointing the wrong way. In other words, the hackers succeeded by going around VT’s cyber defense, probably by phishing the human owner of the Admin account. The enemy is waging the war in front of them while most security teams are fighting the last war, the one where anti-virus software, encryption, 2FA and firewalls save the day. Post attack, the focus of the story is always on encrypted data, “securing our systems”, buying more tech, retaining a well-known outside security advisory team and managing the PR. So the lesson is rarely learned: Patch People. Treat people as part of a holistic defense strategy. For a fraction of the cost of cyber defenses, CISOs can teach employees how to be part of the defense. It’s not as sexy as big-budget security tech but it can work far better.  Read Less