Exabeam News Wrap-up – Week of September 12, 2022

We’ll be regularly bringing you a summary of Exabeam’s key topics and headlines. Stay up to date with the Exabeam News Wrap-up!

Uber Hacked in MFA Fatigue Social Engineering Attack

Last week, Uber was a victim of a cyberattack; compromised systems include their security software, Windows domain, Amazon Web Services console, and Google Workspace admin dashboard. The hacker allegedly used a social engineering technique called an MFA Fatigue attack to gain access to an Uber employee’s account. 

“This is far from rare; in fact, a 2022 report found that insider threat incidents have risen 44% over the past two years,” says Samantha Humphries, head of security strategy EMEA at Exabeam. “This kind of threat can be much harder to detect. After all, an attacker with valid credentials looks just like a regular user. This presents one of the most significant challenges for security teams.”

U-Haul Breached, Customer Information Compromised

Moving truck company U-Haul International suffered a data breach after a customer contract search portal was hacked. An investigation determined that the intruders accessed customer information including names, driver’s licenses, and state identification numbers.

Ralph Pisani, president of Exabeam, shared some thoughts on the role of credentials in defending an enterprise and its data:

“Proper education, feedback loops, visibility, and effective technical capabilities are the keys to identifying and responding to attacks caused by compromised credentials. The most effective detective capability is the development of a baseline for normal employee behavior, specifically to assist organizations with identifying the use of compromised credentials for initial access and later maintaining network access. If you can establish normal behavior first, only then can abnormalities be known — a great asset in uncovering unknowingly compromised accounts.”

XDR Alliance Welcomes New MSSP and MDR Members Committed to Open XDR Framework in Cybersecurity

The XDR Alliance welcomed new members Banyax, Deloitte and Reliquest, expanding the MSSP/MDR category for the alliance. Gorka Sadowski, founder of the XDR Alliance and chief strategy officer at Exabeam, discussed how these new members will expand the alliance’s efforts toward a more open, inclusive and collaborative team. “We are pleased to have these providers join and augment the representation in the MSSP/MDR space, and offer their extraordinary API integration expertise across all alliance member technologies and the industry at large,” said Sadowski. “These new members represent joint customers all over the world and have vast expertise in helping end customers benefit from tightly integrated best-of-breed technology stacks in the spirit of being open, inclusive and collaborative. They built and operate some of the world’s largest security operations centers (SOCs).”

Stay tuned for the next issue of the Exabeam News Wrap-up!

Defending against insider threats is more than just picking the right security solutions. It’s also defining and creating a security program that pulls people, processes, and technology together to effectively defend against these kinds of threats.

Download this checklist as a guide for defining your insider threat defense strategy.