What actually happened in the Uber cyberattack? | Cetas Cyber скачать в хорошем качестве

What actually happened in the Uber cyberattack? | Cetas Cyber

Uber, the world’s largest ride-sharing company was hacked by an 18-year-old on September 15th. Shortly before the Slack system was taken offline on 15 Sept Thursday afternoon, Uber employees received a message that read, “I announce I am a hacker and Uber has suffered a data breach”. Uber says that it’s currently investigating the incident and is in contact with law enforcement officials. Typically we’d have to wait months or years to find out what happened in a cyber attack, but in this case, the hackers had brief control over Uber’s social media and answered some of the public’s questions about the attack. So how exactly did the attack happen? The hacker first got the login credentials for an Uber employee and bypassed Uber’s multifactor authentication system to gain access to internal systems. Even though multi-factor authentication is a great way to securely identify, hackers have learned ways to hack this by using social engineering techniques to trick an individual. In this case, the hacker sent a large number of push requests to employees to confirm their sign-in, and impersonated Uber’s IT team to gain access to employee information. After scanning the network, the hackers got access to Uber’s privileged access management system which is a component used to manage and monitor accounts that have higher access rights than normal users. By gaining access to PAM, the hackers were able to access Uber’s cloud profiles, expense dashboards, and other critical information which compromised Uber’s security. What happened to Uber can happen to any company. What are you doing to help your company stay safe from breaches? Let us know in the comments below!