Recently, a senior threat intelligence analyst for Mandiant, a security company acquired by FireEye in 2014, recently became the victim of a security breach wherein the contents of his inbox were posted online with the “Operation #LeakTheAnalyst” hashtag and social media accounts were infiltrated and modified. Andrew Clarke, an EMEA Director at One Identity commented below.
Andrew Clarke, an EMEA Director at One Identity:
“Even the most aware security users get caught out – that only goes to show that companies cannot do enough to protect their users. For years, security experts have been espousing the need for organizations, private enterprise, non-profits and governments to increase focus and investment to security; to make security a board room level discussion. But now it appears that even the experts and analysts have failed to heed our own warnings and are suffering from the “Cobbler’s Kids” allegory. In the “Cobbler’s kids”, the proverbial children of the shoemaker go without shoes as the cobbler works to shod everyone else – much like the security professionals in this real-life saga.
“The fact that hackers persisted with their attacks on this user for over a year is alarming since pro-active monitoring would catch unwanted behaviour. Improved user administration would help – with strong access controls that validate specific actions to confirm that is really the intention could prevent accidental publication of information and of course create another barrier for potential attackers to overcome. Improved management of social media accounts that takes advantage of the latest safeguarding tools to control and manage access to social media logins and access is also advised.
“Security is not a pastime. It’s not a “once and done” thing. It’s not “set it and forget”. It’s a process, not a product. It’s a mindset, not a thought. It’s a change of behavior. For – as we tell our own customers – we have to be perfect every single time; the hackers need succeed only once.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.