Underestimating The Attack Severity In The Krebs Altair Breach Notification Story

By   ISBuzz Team
Writer , Information Security Buzz | Feb 27, 2017 06:15 am PST

Krebs on Security recently reported on the suppression of a particularly insidious breach at Altair Technologies, but an even bigger story may be the impressive efficiency of this attack. Jeff Hill, Director, Product Management at Prevalent, Inc commented below.

Jeff Hill, Director, Product Management at Prevalent, Inc:

jeff-hill“Ironically, Altair’s awkward attempt to cover up or otherwise downplay the significance of their breach successfully masks both the serious nature of the episode, and the brilliance of this attack vector.  The attackers successfully penetrated a single organization, and then navigated to the update server, an ingenious technique to propagate malware to dozens of high-profile organizations while barely lifting a finger.

But perhaps the shrewdest element of this incident is the obscurity of the chosen target.  How many organizations – even the most security-conscious with robust vendor risk management programs – would subject a small Windows log parsing utility vendor to meaningful scrutiny?  Flying under the radar works for military pilots, and, as the Altair breach illustrates, for cyber criminals as well.”