Page 45 - Cyber Defense eMagazine - October 2017
Equifax Breach & Why Your Company is Next
The Hybrid Cloud Data Center Paradigm Shift That Leaves Security Behind
by Dave Klein, Senior Director of Engineering & Architecture, GuardiCore
When the Equifax breach was announced on September 7th, I was not surprised. When
I heard the magnitude of the damage, 143 million US consumers and 44 million British
consumers, which equate to roughly 57% and 97% respectively of each country's
population aged 18 and older, I was, again, not surprised. Why?
Four years ago, I began seeing breaches occur in my customers' data centers, both on
premises and in the cloud, with attackers using my customers' own application workflows
to hide their activity as they progressed. Attackers dwelled undetected for long periods
of time, spreading laterally with ease. The tools at our disposal for countering
cyberattacks were purpose-built for yesterday's cyber battles, which occurred outside of
data centers. Not only were these attacks in places we weren't, they also behaved
unexpectedly. It was as if we were firefighters battling an internal factory fire while
being forced to stand outside the building's thick concrete walls.
The IT world had shifted dramatically, and, in its transformation, cybersecurity had been
left behind. IT had moved valuable resources to hybrid cloud data centers, but
cybersecurity solutions and practices had not kept pace with the transformation.
Cybercriminals had already seen the shift, adjusted to exploit the larger attack
surface, and reaped the rewards accordingly.
Equifax provides a great example of a breach that took advantage of this IT paradigm
shift. The cybercriminals attacked Equifax's data centers directly. Focusing on the
vulnerability, however, is like missing the forest for the trees. Equifax's vulnerability,
Apache Struts, was merely the entry point. To steal roughly half the US population's
information and almost all of Great Britain's so quickly tells us the attackers became
well established within the application housing the targeted data. They took over the
front-end querying capability to siphon off massive amounts of data while avoiding the
encrypted data at rest on the backend.
If the IT paradigm has shifted, as seen with the Equifax attack, how can we
bridge that gap? Taking perimeter solutions and endpoints into hybrid cloud data
center environments won't work. Customizing legacy, traditional cybersecurity
solutions to transform them from north-south solutions into ones suited to east-west
environments is not possible. No matter what retrofitting is done, they are poorly suited
for their new working environment.
When looking at new security solutions that can help you avoid being the next Equifax,
here are five attributes you should consider for securing applications and data in hybrid
clouds:
Copyright © Cyber Defense Magazine, All rights reserved worldwide.