Even a hack exposing 9+ million records can be considered “basic.”
While the effects of the compromise of the Australian telecom Optus were anything but basic, the attacker had an easy way in.
“What is of concern for us is how what is quite a basic hack was undertaken on Optus,” Australian Minister for Cybersecurity Clare O’Neil said shortly after the Sept. 2022 breach.
Because the app’s facilitator of data exchange, known as the application programming interface (API), was left “exposed” to the internet—no authentication required—the hacker could download customer records.
While IT teams often make application inventory and patching part of their vulnerability management programs, recent attacks show that the API is an oft-exposed component deserving of some attention—both in the development process and during runtime.
“Those exposure points are often ignored, often overlooked, and very often vulnerable, or overly permissive, because the person writing them maybe didn’t have the knowledge or experience for how to limit what could be seen or what could be called,” said Bill Young, VP and general manager of threat management at the consultancy Optiv.
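The two failure modes the article describes (an endpoint reachable with no authentication, and one that returns more than the caller should see or lets ids be enumerated) are easy to show side by side. The following is an added example, not code from the article or from Optus: a framework-free request handler in the exposed shape next to a hardened version that requires a bearer token, scopes access to the caller's own record, and returns only the fields the endpoint needs. The customer records, session tokens and field list are constructed for the example; `enumerate_records` is a hypothetical self-check a team could run against its own endpoint to see how many records an unauthenticated client could pull.

```python
import hmac
from typing import Callable, Dict, Iterable, List, Optional, Tuple

# Constructed sample data (not real customer data): id -> record.
CUSTOMERS: Dict[str, Dict[str, str]] = {
    "1001": {"name": "A. Example", "email": "a@example.test",
             "dob": "1990-01-01", "licence": "LIC-0001"},
    "1002": {"name": "B. Example", "email": "b@example.test",
             "dob": "1985-05-05", "licence": "LIC-0002"},
}

# Constructed session tokens: token -> customer id it was issued to.
SESSIONS: Dict[str, str] = {"tok-alpha": "1001", "tok-bravo": "1002"}

# Fields a customer may read about their own account; identity documents stay server-side.
READABLE_FIELDS = ("name", "email")

Response = Tuple[int, object]


def handle_exposed(path: str, headers: Dict[str, str]) -> Response:
    """The pattern the article describes: no authentication, every field returned,
    and any customer id can be requested."""
    parts = path.strip("/").split("/")
    if len(parts) == 2 and parts[0] == "customers":
        record = CUSTOMERS.get(parts[1])
        if record is None:
            return 404, {"error": "not found"}
        return 200, dict(record)
    return 404, {"error": "not found"}


def authenticate(headers: Dict[str, str]) -> Optional[str]:
    """Return the customer id bound to a valid bearer token, else None.
    Token comparison is constant-time so timing does not leak token bytes."""
    auth = headers.get("Authorization", "")
    if not auth.startswith("Bearer "):
        return None
    presented = auth[len("Bearer "):].encode()
    for token, customer_id in SESSIONS.items():
        if hmac.compare_digest(token.encode(), presented):
            return customer_id
    return None


def handle_hardened(path: str, headers: Dict[str, str]) -> Response:
    """Same route, hardened: authentication required, access limited to the caller's
    own record, and only the fields this endpoint exists to serve are returned."""
    caller = authenticate(headers)
    if caller is None:
        return 401, {"error": "authentication required"}
    parts = path.strip("/").split("/")
    if len(parts) == 2 and parts[0] == "customers":
        if parts[1] != caller:
            # Same status as a missing record, so other ids cannot be confirmed to exist.
            return 404, {"error": "not found"}
        record = CUSTOMERS[caller]
        return 200, {field: record[field] for field in READABLE_FIELDS}
    return 404, {"error": "not found"}


def enumerate_records(handler: Callable[[str, Dict[str, str]], Response],
                      ids: Iterable[str]) -> List[str]:
    """Self-check for an API owner: which ids does the handler serve to a client
    that presents no credentials at all? The hardened handler should yield none."""
    return [cid for cid in ids if handler(f"/customers/{cid}", {})[0] == 200]


if __name__ == "__main__":
    probe = ["1000", "1001", "1002", "1003"]
    print("exposed handler leaks:", enumerate_records(handle_exposed, probe))
    print("hardened handler leaks:", enumerate_records(handle_hardened, probe))
    print(handle_hardened("/customers/1001", {"Authorization": "Bearer tok-alpha"}))
```

The hardened handler does three separate things, and each maps to a point in the quote above: the 401 answers "no authentication required"; the caller-scoped lookup limits "what could be called"; and the `READABLE_FIELDS` projection limits "what could be seen." Running `enumerate_records` against both handlers in a test suite is a cheap way to catch a regression to the exposed shape before it reaches runtime.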
—BH