No one really knows who my parents are or where I came from. Some say my father was a Nigerian con-artist, but in my mind he is prince who happens to enjoy spear phishing. Others say my parents were SSHPsychos from China.
The version about where I came from that I like the least is the rumor about an office romance, which really was the result of some accidental download. Bob from accounting was convinced he was downloading a spreadsheet attachment from HR.
This story might make you WannaCry, but rest assured it's only the beginning.
My name is Cyber Attack and this story is not about where I came from. This story is about where I'm going.
When you accidentally brought me into your business, your home, and whether you realize it or not, I am now your responsibility. It's simply not enough to protect the perimeter of your business environment. You must secure your internal network. This is because, once inside your business, I deftly use common privileged elevation techniques, and use any and all of the unprotected credentials you have laying around, to gain access to critical infrastructure.
As I gather more credentials from your machines, I am able to land and expand across your networks until I have access to everything. This includes source code hosting repositories, websites, domain name services, and dedicated servers.
I can now exfiltrate all of your source code, customer records, intellectual property, designs, bank records, and anything of value that makes you a business. I can bypass your Digital Loss Prevention (DLP) systems and firewalls by using the same encryption credentials I stole to impersonate anyone and encrypt all data as I move it out of your business.
Now that I think about, I could kill a Fortune 500, but don’t blame me. Your negligence and procrastination have enabled me. I simply did what I was born to, what my parents taught me.
As I said before, it doesn’t matter where I came from or how I got in. Once inside your business, I can move from system to system and take whatever I want, turning what was once a single machine issue into an enterprise-wide crisis.
This short story can have a different ending. It's not all doom and gloom. You can take measures to protect yourself. Take the next step and learn more about monitoring encrypted traffic and controlling privileged access to the cloud without vaults and credentials.
