It has been reported that Ubiquiti, a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. The company says an incident at a third-party cloud provider may have exposed customer account information and credentials used to remotely manage Ubiquiti gear.
In an email sent to customers, Ubiquiti said it recently became aware of “unauthorized access to certain of our information technology systems hosted by a third party cloud provider,” although it declined to name that provider.
<p>Passwords again are at the forefront of the latest unauthorized access at network equipment provider Ubiquiti Networks, which has been a popular solution in recent years with its unified solutions bringing together network access, WIFI, switching, camera, phone and door security into a single platform. The latest data breach and unauthorized access has led Ubiquiti to advise its customers to rotate passwords, including any other internet services where the same passwords have been used – a common poor practice that results in data breaches escalating further. </p> <p> </p> <p>The response has been mixed as the notification did not provide much detail on what a good password is or using a password management solution to help increase the security of such privileged access. The scary thought is whether or not this unauthorized access has allowed attackers access to customer’s networks, including security camera footage. </p> <p> </p> <p>Companies such as Ubiquiti that focus on access and security should demand multi-factor authentication by default and integrate into password management security solutions, as this breach shows the importance of not letting a password be your only security control.</p>
<p>Cybercriminals utilize various attack vectors to access organizations. A primary example is via social engineering techniques such as phishing emails to employees or by leveraging third-party access through another organization. Organizations need to increase their third-party access procedures, training and technology to reduce the risk of attack by a third-party vendor.</p> <p><br />Cybercriminals will continue to leverage attacks against smaller organizations to work their way into larger ones that are already authorizing the users. For all third-party access, organizations want to monitor all access, machine to machine communications and any interactive user sessions. When an interactive user is accessing your organization, multifactor authentication (MFA) is crucial to further reduce the risk of lost passwords or a compromised third party. Supply chain and third-party attacks are rising, especially with the recent data breaches discovered in December.</p>