Cyolo Receives Investment from IBM Ventures for Zero Trust Secure Access Platform

5 Data Breaches in Q1 2021 & How They Could Have Been Avoided

Cyolo Team

Cyolo Team

5 Data breaches 2021

2021 might mark the beginning of the end of Covid-19, but not the end of cybersecurity attacks. Over the past quarter, hundreds of recorded attack incidents, including breaches, malware injection, phishing, and more, have affected organizations worldwide. Let’s look at five of the most significant breaches in the past quarter, and see how zero trust security could have helped prevent them or mitigate the risks.


1. Microsoft Exchange Server: Vulnerability Exploitation

Four zero-day exploits were discovered in Microsoft Exchange Servers, which reside on-premises in multiple organizations. At least 250,000 of these servers have been attacked since the beginning of January 2021. These include 30,000 servers in the US and 7,000 in the UK, as well as servers belonging to leading global political organizations like the Norweigan parliament, the Czech government, the European Banking authority and Chile’s Commission for the Financial Market. The attacks enabled perpetrators to access the network and gain internal control, even to sensitive components like the Active Directory.


Patches to the servers were released by Microsoft throughout March 2021. But these help prevent future attacks, not with mitigating the damages that occurred so far.


How Zero Trust Can Help: Preventing Lateral Movement and Internal Advancement Techniques

With Zero trust, even if attackers are inside the system, they will not be able to see its different components and architecture, since they are not an authenticated device. This includes the Active Directory. As a result, they will not be able to advance in the system and gain a foothold in it. In addition, recording and auditing capabilities would enable monitoring the perpetrator actions, to see which actions have been taken and to obliterate their effect.

This means that companies that use the Microsoft Exchange Server, but also implement zero trust, would have been minimally affected from the vulnerability. In addition, they would have been able to monitor the attacker’s actions in their network.


2. Oxford University Covid-19 Lab: Internal Systems Penetration

The Division of Structural Biology at Oxford University, one of the most renowned biology labs in the world, was hacked. Perpetrators were able to gain access to internal lab systems that are used for preparing biochemical samples, including for coronavirus research. The scope of the breach and its effect are still unclear. While it seems no damage was done, they could potentially range from selling intellectual property to sabotaging research.


How Zero Trust Can Help: Device Authentication

Zero trust prevents unauthorized devices and users from accessing internal systems by continuously authenticating identities before providing access. Based on the “trust no one” concept, zero trust would have prevented the Oxford attackers from accessing lab systems. The attacker’s devices would not have been verified and approved, and the research would be safe.


3. Walmart: 3rd Party Data Breach

Walmart announced that one of its data hosting suppliers had been compromised, resulting in stolen PII from Walmart’s pharmacy patients that resided on their servers. This included names, addresses, DoBs, phone numbers, medical information, prescription information and health insurance information. Walmart’s systems were not affected.


How Zero Trust Could Have Helped: Internal and External Protection

In zero trust, devices are authenticated every time they access systems, apps and assets. Constant verification ensures unauthorized devices do not have access to sensitive and valuable data. This includes MFA, SSO and additional authentication methods. In addition, zero trust hides the network structure from attackers, so they cannot see where the valuable data resides

By ensuring their third party supplier implemented Zero Trust, Walmart could have protected the personal information of their patients. Zero trust could have prevented attackers from gaining access to the supplier network. If the attackers were already inside – it would have prevented them from accessing Walmart’s customers’ information.

Another example of a third party data breach from this year is Ubiquiti, a large IoT technology vendor. In the case of Ubiquiti, a third party cloud provider accessed the Ubiquiti database and stole personal information and credentials, like passwords.

In this case, by implementing zero trust, Ubiquiti could have prevented the cloud provider from gaining unauthorized access. It could have set policies limiting their access. Thus, even if the supplier was affected, Ubiquiti would not have been.

Read more about preventing 3rd party attacks here.


4. California State Controller’s Office (SCO): Phishing Attack

The SCO, which handles more than $100 billion in public funds each year, was the victim of a phishing attack. An employee clicked on a malicious link, granting the attacker access to their email account. The phishers were able to access the system for more than 24 hours. They stole SSNs, sensitive files and PII, and sent more phishing emails.


How Zero Trust Can Help: User Validation and MFA

Zero trust combats phishing by preventing attackers from advancing in the system. Even if the attackers were able to gain access through a malicious link, they would not have been able to access sensitive files and data. By implementing access authentication methods like MFA, the network would have stayed protected, even after the employee accidentally clicked the link. Read more about preventing phishing attacks here.


5. Mimecast: Certificate Breach

Mimecast, a provider of security email services in the cloud, was breached by a criminal compromising a certificate used to authenticate Mimecast products. 10% of their customers used the compromised connection, and a few were targeted.


How Zero Trust Can Help: MFA

Zero trust implements multi-factor authentication to ensure user and device verification are not based only on a single factor or factors that might be compromised. As a result, Zero Trust would have authenticated the devices with additional factors on top of the certificate, like behavior analysis, keystroke dynamics, and more. Read more about MFA here.


How to Combat Attacks in 2021

As we end Q1 2021 it becomes clear that the growing number and sophistication of cyberattacks is not slowing down. Cyber attackers are attempting to gain access to systems and assets, putting every company and individual at risk. From stealing PII to risking Covid-19 research to asking for ransoms, attackers have no boundaries when it comes to gaining a financial advantage or causing destruction.

Zero trust can significantly reduce the number and scope of attacks. The zero trust model denies perpetrators access to the network, and blocks their ability to see it and advance in it if they’re inside. This is a considerable advantage when dealing with cyber attacks.

Cyolo is the leading zero trust security provider for organizations that want to protect their intellectual property. By securely connecting all users from anywhere without requiring a VPN, and authenticating devices, Cyolo enables employees to focus on their work and your business to grow. Cyolo provides advanced user management features, real-time recording abilities and an easy to use UI. Cyolo can also integrate with your VPNs, if needed. 

Cyolo takes minutes to implement and is compatible with any network topology and identity infrastructure. In addition, Cyolo does not have access to the organizational data. Not only does this ensure true privacy and security, it also improves performance as a better user experience. Request a demo to learn more:

Subscribe to our Blog

Get the latest posts in your email
OT/ICS Security: People and Challenges

The State of ICS/OT Cybersecurity in 2022 and Beyond, Part 1: People and Challenges

More Articles

Subscribe to our Blog

Subscribe to our Blog

Get the latest posts in your email