‘Either inside job or hackers were tipped off’
Ukuvuma Security managing director, Andrew Chester, has questioned Liberty Holdings’ state of preparedness for the data breach, and their security practices.
“Why did Liberty have unstructured e-mail data and attachments that were left unmonitored,” Chester asked, “... and more importantly, why was this sensitive data not encrypted?”
When doing threat hunting or a security analysis for any company, he added, the first thing one looks for is how easy it is to extract data without being detected.
“Additionally, how did the hackers know where to find the data? If it was an inside job they might have been tipped off but if it wasn’t, it means that they spent enough time on the infrastructure to know where to look, which is very alarming.”
Another point to consider, said Chester, was how the hackers gained access.
“It most likely happened in one of two ways, it was either an inside job, or someone with the correct privileges was hacked, which means that they could have used that person’s permissions to get into the system.”
This, he claimed, could have been avoided by applying general practices, such as encrypting sensitive data, segregating it from vulnerable systems, and building in rigorous access control and monitoring systems. – ANA