itSMFI 2017 Forum Focus - June Forum Focus ITSMFI | Page 18
Return to Sender
By Alexander Garcia-Tobar
After a cyberattack, companies remain vulnerable. What CIOs can do to protect their brands.
A recent cyberattack on a well-known tech company shows that even when the toughest anti-phishing policies are in place, 70% of companies that attempt email authentication leave the final configuration incomplete. The result is that many CIOs may leave their companies even more vulnerable to phishing attacks without knowing it. Here’s how to solve the problem.
Here’s a security scenario that’s all too common: A company suffers a cyberattack, then responds to it promptly and alerts its customers, warning them to change their passwords. But the company remains vulnerable through the very means it uses to alert those customers: email. In fact, attackers can exploit that vulnerability using email that pretends to be a security warning from the company, targeting customers and wreaking even more damage.
For example, on May 31, popular cloud-based password manager OneLogin announced that it had suffered a serious security breach, and it updated its report the next day with a few more details.
The company communicated with its customers and the public promptly. OneLogin said the breach involved a hacker obtaining a set of Amazon Web Services keys and using them to gain access to OneLogin’s servers on AWS and create several new instances, which they then used to do reconnaissance.
According to a customer email reported by TechCrunch, “All customers served by our US data centre are affected; customer data was compromised, including the ability to decrypt encrypted data.” “To its