AMD has opened an investigation into RansomHouse and the attackers' claim to hold ‘450Gb’ in stolen data. The investigation follows AMD being targeted by the extortion group.
The hackers have indicated they are sitting on a trove of data that they have apparently stolen from the processor designer. This follows on from an alleged security breach earlier this year. This is a different incident from one previously disclosed to the public by the computer firm.
Allegedly, AMD used very simple passwords, such as “password”, to protect its data.
Looking into the issue for Digital Journal is cybersecurity evangelist and privileged access management expert Raj Dodhiawala, president of Remediant.
Summarising the issues, Dodhiawala says: “The latest RansomHouse extortion group attack on AMD has underscored the continued obvious challenges and risks that weak passwords bring to an organization.”
The fact that this remains a common activity is very important, says Dodhiawala, and it typifies a continuing weakness at many businesses. Dodhiawala says: “Unfortunately, passwords continue to be the gateway to the digital world, and amid a surge in cybersecurity threats and attacks, it is baffling that people still don’t maintain proper password hygiene.”
The weakness of passwords is not simply a matter of gaining access to a computer; it is the opportunities that this way in presents to hackers. Dodhiawala says: “The real damage of weak passwords is that these become the gateway for attackers to compromise admin credentials and move laterally from system to system, making these attacks more devastating than they could be.”
These weaknesses mean that businesses and users need to take appropriate action. As an example, Dodhiawala puts forward: “To address this, there needs to be a paradigm shift that goes beyond credential hygiene to think about authorization differently.”
As a case in point, Dodhiawala says: “Given that nearly 74 percent of cyberattacks leverage privileged identities, one solution that will negate password compromises is maintaining zero standing privilege (ZSP).”
Weaknesses include access with broad privileges, persistent shared accounts, and superuser and root accounts.
On why this matters, Dodhiawala says: “ZSP removes the typical, 24×7 admin authorization, and protects the organizations even if admin credentials, hashes or secrets are compromised even if the attacker has gained a foothold with weak passwords.”