BACKGROUND:
It has been reported that Amazon’s video streaming service Twitch was hacked Wednesday in a breach that included details on payments to content creators and an unreleased product from Amazon Game Studios. The anonymous hacker said they were releasing the information to “foster more disruption and competition” in the online video streaming world, and called the Twitch community a “disgusting toxic cesspool” in a post to the anonymous message board platform known as 4chan. Twitch confirmed the hack in a tweet, but did not provide details on the extent of the hack and what data was obtained.
<p>“99% of companies today don\’t know where all their private customer data is stored within their systems and applications, and if you don\’t know where it is, you can\’t secure it. Given what we know about the attack, it\’s likely that private user information, such as names, emails and mailing addresses were also compromised.</p>
<p> </p>
<p>“If personal data has been compromised, this could lead to millions of dollars in privacy fines, for example, in breach of GDPR and CCPA regulations, and possibly others. Today, over 100 countries have privacy laws. Once the forensic investigation into the issue is complete, all privacy laws that may have been violated here will become clear.</p>
<p> </p>
<p>“Social media platforms store huge amounts of personal data, including unstructured and structured data. Personal data held inside organizations comes in all forms today, not only in text, but also in images and even videos.</p>
<p> </p>
<p>“The problem is technologies can\’t find all this private, unstructured data across multiple sources, and they can\’t create the necessary context around the data to help organizations reduce risk.</p>
<p> </p>
<p>“With the exponential growth of personal data they store, organizations need to have data hygiene practices in place and perform constant data security assessments to understand, locate and classify sensitive data and create security controls around it. They also need full visibility of data at rest in order to reduce risk.”</p>
<p>Recent reports of data breaches from companies such as Facebook and Twitch might be making people nervous. However, when it comes to cyber security, it is better to be proactive than reactive. The type of information stolen can vary, so if you are affected by any breach, pay attention to the company\’s advice about the leaked information and what the appropriate action is. The breached company may offer credit monitoring if hackers use the leaked data for financial fraud, for example.</p>
<p>When a company says they stopped the attack and contained the damage, there are three steps to take. Firstly, you should always change your account password. Leaked passwords are usually sold on the dark web or added to databases that hackers use to crack passwords. Changing a breached password ensures hackers can\’t log in to your account. If you were using the same password for other web accounts, those need to be changed immediately too.</p>
<p>Secondly, consider using a password manager which can help create and store strong passwords, then enter your credentials when you return to a website to log in. Some can also help you keep an eye out for suspicious activity involving your personal information on the Dark Web so you can take action accordingly.</p>
<p>Thirdly, use two-factor authentication to make your accounts more secure. This is when you use an app to generate a code or get a notification on your device and helps to prove the person logging into the account is who they say they are. Any unauthorised access therefore gets shut down in real-time.</p>
<p>We’ve seen a lot of good advice to anyone with a Twitch account—change your password, change other passwords if you reused it, and switch on two-factor authentication. But this alone won’t keep streamers and their fans safe.</p>
<p>Some hackers will take advantage of the fear of a password breach to send out phishing emails: Due to the recent breach, we are forcing all our users to change their passwords. This is actually a way to steal passwords when users are asked for their “old password”. Even experienced users have been known to fall for this trick.</p>
<p>The leaked details of the “Top 100” streamers are also a worry for Twitch. Extra information like this can be used in highly targeted “spear-phishing” attacks, a more personal approach to taking over accounts and stealing data.</p>
<p>Basic password hygiene is a great start, but we need better awareness of the ways breaches can be used to fool and frighten people into poor judgments that will give their details away.</p>
<p>What happened to Twitch can happen to almost any organisation, though their particular service niche likely made them a higher priority target for some groups. There is also some irony this disclosure comes during the traditional Cybersecurity Awareness Month. While the leak of information is distressing, even more troubling is that the attackers were able to obtain tools and plans of the cybersecurity teams that were used to defend the organisation from such adversaries. It makes sense — from an attacker\’s perspective — to try to understand what the defenders are liable to do so you can work around those defences.</p>
<p>We often focus much of our security awareness attention and protections on ‘normal’ users, which can cause us to take our eyes off of systems and networks used by defenders. Now would be a great time for all cybersecurity teams to re-think how they manage and secure their own systems/data/tools and, perhaps, have a separate set of out-of-band plans that include how to respond to a breach of their own tools/data.</p>
<p>This is also a good time to remind organizations that using modern deception techniques/practices can be of great benefit. Having a lookalike LAN segment or three which has file servers, mail systems, and workstations — but contain false data — surrounded by telemetry — can be a very effective way to know when an attack is in-progress while not putting real systems/data at risk.</p>
<p>The importance of robust software security tools and practices cannot be underestimated. Research shows that 76 percent of applications today contain some sort of security flaw. Since flaws in source code can be exploited by a hacker, regular scanning to find and fix vulnerabilities is imperative. This attack on Twitch is a prime example of how the digital attack surface is growing larger every day, meaning hackers have more endpoints to target. The perimeter is officially ‘dead’. Commonplace vulnerabilities and attack tools or techniques can have devastating consequences, so businesses must ensure they are championing software security at all levels of the organisation.</p>