The List of Breaches Lengthens: McDonald’s, Volkswagen and Audi
Several new high-profile breaches from McDonald's, Volkswagen and Audi are making headlines. What can we learn from the cyberattacks?
High-Profile Corporate Breaches Making Headlines
Hardly a day goes by, it seems, without another high-profile victim of hacking being exposed. The latest ones are McDonald’s, Volkswagen, and Audi.
The McDonald’s breach took place in South Korea and Taiwan. Customer and employee information such as e-mails, phone numbers, and delivery addresses was exposed. No payment information was compromised, according to the company. The exact number of records involved was not mentioned, but it was not said to be a large number.
That wasn’t the case with a breach of the systems of carmakers Volkswagen and Audi. 3.3 million records were impacted. These comprise a database of buyers and prospects between 2014 and 2019, 95% in the United States and the rest in Canada.
The worrying aspect is that this data was left online and unprotected for a period sometime between 2019 and 2021. That’s a lengthy window for confidential data to be unsecured. The attack vector has been traced to another vendor, but the exact method of breach has not been revealed.
In this case, the data leaked is far more severe: names, addresses, email, phone, and vehicle ID, make, model, year, and color. To make matters worse, purchase and lease eligibility financial data was also compromised. This consists of driving license numbers, dates of birth, Social Security numbers, account or loan numbers, and tax identification numbers.
Those individuals impacted by the exposure of this sensitive information could become victims of identity theft. The companies are offering free credit monitoring to those concerned.
Breaches Will Happen
This latest rash of announcements from McDonald’s, Audi, and VW followed statements from the likes of VMware, Adobe, Microsoft, and many others. And, of course, we have recent ransomware victims such as Colonial Pipeline and meat processor JBS.
The obvious conclusion from these announcements is that breaches can and will happen. They are inevitable. Therefore, organizations need to devise a two-pronged strategy to deal with them.
How to Manage Breaches
1. Figure out what they are going to do to mitigate the impact of a breach, root out any remaining malware, deal with ransom demands, and be able to recover and resume service in a timely manner.
2. Step up preventive measures to detect potential threats, spot strange traffic and other anomalies, scan for vulnerabilities, and in general do all that can be done to minimize the chances of attack.
For item 2 above, there are a great many standard security tools that should be deployed. These include IDS/IPS, threat intelligence, SIEM, AV, anti-malware, access control, and more. What should be well understood is that the bad guys tend to follow the line of least resistance.
Just as muggers look for people walking alone at night in a deserted area, hackers prefer to attack organizations that have a poor security perimeter, an outdated IT infrastructure, and most importantly, unpatched systems. They actively send bots around looking for such low-hanging fruit. Once found, they can easily enter and cause havoc.
Therefore, it is vital to always patch your systems. In many ways, this should be top of the list of immediate actions to take to greatly reduce the chances of attack. Perhaps one day we will see a courtroom drama play out where the defendant claims he took every precaution to prevent a cyberattack.
The prosecutor leans forward suspiciously and says, “But did you ensure that all critical patches were up to date using an automated patch management platform?”
“IT is undermanned, so we had months of undeployed patches that we intended to get to eventually.”
Prosecutor: “I rest my case.”
How Syxsense Can Help
Syxsense provides that first line of defense against cyberattack by automating the patching of all systems. Systems are continually breached due to well-publicized patches not having been deployed across the network.
Syxsense Cortex simplifies complex IT and security processes with a drag-and-drop interface. Pre-built templates keep organizations secure without needing large teams, specialists, or scripting.