How a ride-sharing company was hacked using basic technique. It Can impact yours as well

A hacker group was blamed for having breached a ride-sharing company’s security systems and gained access to extensive amounts of data using basic techniques that totals to pressing employees until they provide access using a handheld device. Hand-held devices are still one of the least protected devices in a corporate environment.

I will not spend time on what was breached and what was not because they are still analyzing the impact.

According to ride-sharing company statement, a contractor’s (Third Party Employee) user ID and password were compromised. They utilized social engineering tactics to trick that employee and approve the Sign-in on the hand-held device.

Attacks like this are increasing daily and are no longer a surprise.

Few Security measures that can help to keep your organization safe:

• Educate employees about such incidents and Social Engineering tactics. Educate them to stop and think
• Make it more challenging – Instead of approving “Yes” on a push message, configure the policies to provide a code instead
• Consider implementing a physical/hard key authentication
• Create an incentive plan for the users that report such incidents
• Enable conditional access controls & enable Geolocation based VPN access
• Enable 2FA on VPN and implement PIM/PAM solutions
• Implement mandatory Server access through Jump / Bastion Servers
• Ingest all logs into alerting solution or 24x7 SOC?

What else we can add to the list of mandatory controls?