Is Uber’s ‘Security Incident’ Just A Smoke Screen? Experts Weigh In

Uber’s computer systems were breached and the company has alerted authorities, the ride-hailing giant said Thursday. The ride-hailing company said in a tweet that it was “responding to a cybersecurity incident.” The hacker surfaced in a message posted in Slack, according to two people familiar with the matter, who spoke on the condition of anonymity because of the sensitive nature of the incident.

Subscribe
Notify of
guest

21 Expert Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Liat.hayun
Liat.hayun , CEO
InfoSec Expert
September 20, 2022 11:21 am

Bad actors continue to gain access to valuable customer data in the cloud. In this case, a simple social engineering compromise allowed the attacker access to sensitive data residing inside Uber’s public cloud environments. It’s becoming more important than ever for companies to be ‘uber’ proactive in protecting this data.

Last edited 2 months ago by liat.hayun
Yoni.shohet
Yoni.shohet , CEO
InfoSec Expert
September 20, 2022 11:03 am

This is another case where attackers identified business-critical SaaS applications like Google Workspace and Slack as prime attack targets. The sensitive data held within these platforms combined with the distributed ownership with multiple administrative accounts, makes it a lucrative target for hackers. Organizations must ensure they have the proper security controls to ensure their SaaS data, identities and third-party integrations are properly secure with least privilege access to reduce the SaaS attack surface and blast radius of attacks targeting their business-critical SaaS.

Last edited 2 months ago by yoni.shohet
Omer.yaron
Omer.yaron , Head of Research
InfoSec Expert
September 20, 2022 10:39 am

Regardless of the attacker’s entry point, in Uber’s case the social engineering vector, it’s absolutely key to have different controls over applications to reduce the overall risk. Uber’s case shows how bad things can be, at least from what we know. Events escalate quickly and critical assets can be accessed without proper controls in place. Also, Uber is not out of the ongoing event. There are still mitigations they need to perform in real time. And it all comes down to the controls and measures they’ve put in place that will determine the outcome of this attack.

Last edited 2 months ago by omer.yaron
Sami.elhini
Sami.elhini , Biometrics Specialist
InfoSec Expert
September 20, 2022 10:33 am

This incident is hardly surprising as is the method by which an Uber employee was exploited. Research conducted independently by IBM, TrendMicro and Stanford University found that anywhere from 80% to over 90% of breaches involve human error. In this case, social engineering was employed by the hacker who claimed a false identity and obtained an Uber employees credentials. Yet again, data was lost due to weak identity management. Perhaps the future will hold biometrically protected keys used to sign everything from text messages to emails. Until then, starting with training and education, it is paramount that every organization strives for a culture of cybersecurity.

Last edited 2 months ago by sami.elhini
Chris Hauk
Chris Hauk , Consumer Privacy Champion
InfoSec Expert
September 20, 2022 10:25 am

While a New York Times reporter says that the hacker has said he is 18 years old and hacked the Uber systems because “they had weak security,” Uber customers will want to stay alert for any possible phishing schemes that bad actors could attempt, using data acquired in the hack. 

Users will want to avoid opening emails and texts from unknown parties or that appear to come from Uber. Uber customers should definitely avoid clicking on any links or opening any attachments in emails or texts. 

Users are also advised to change their Uber login password, while also checking their other passwords to ensure they haven’t used the password on other accounts. I advise users to also keep informed on this situation, monitoring reliable news sources for more information on the situation.

Last edited 2 months ago by Chris Hauk
Information Security Buzz
21
0
Would love your thoughts, please comment.x
()
x