Have you heard? Tech giant Dell suffered a major data breach exposing the personal information of millions.
Host Yigal Behar and guest Seth Melendez of WareGeeks Solutions talked about this recent data breach, how the Library of Congress stopped a cyber attack, and more on this episode of The Cybersecurity Insider.
Dell Customer Database Compromised
On May 9, 2024, Dell Technologies notified approximately 49 million customers about a cybersecurity incident involving a Dell portal (ref). The compromised database within the portal contains customer names, physical addresses, and hardware and order information.
What Information Was Compromised?
While Dell Technologies has confirmed the exposure of names, physical addresses, and order information, it’s unclear whether other sensitive data like credit card information was compromised. The extent of the breach is still under investigation.
What Should Dell Customers Do?
Seth recommended that Dell customers do the following:
- Change Passwords: Immediately change and update passwords for any accounts linked to your Dell information.
- Monitor Credit Cards: Check your credit card statements for unauthorized activity and notify your credit card company about the breach. Seth's advice was to “lock it down just for the time being [and] make sure that nobody can use it—make sure that anything connecting to that account is secure. If the credit card you haven’t updated the password in over a year with that one now it’s the opportunity time to do it.”
- Use a Password Manager: Seth advised getting a password manager to securely store and manage passwords for different accounts.
Library of Congress Successfully Fends Off Cyber Attack
The conversation then turned to the U.S. Library of Congress (LOC), which recently faced an attempted cyber attack by the Rhysida ransomware gang. This attack coincided with a similar incident at the British Library in the UK (ref).
Thanks to the implementation of multifactor authentication (MFA), the LOC successfully prevented the breach.
How Did MFA Help?
MFA strengthens security by requiring users to present more than one form of identification before they can enter an account or system. This makes it harder for threat actors to gain access even if they have managed to acquire a user’s password.
LOC’s Response to the Attack
Following the attempted breach, the LOC took immediate action by taking targeted services offline. They have also started decommissioning old equipment and adopting new security tools to further strengthen their defenses.
According to Yigal, the LOC’s response was a “successful ER (emergency response).” Yigal added, “It’s actually a good sign. [It’s] something that shows us that they are changing something in [their] state of mind and finally they are using new technology and using MFA in order really to do a better job in defending their systems. But the fact that they are decommissioning other older systems so that also probably gave them the push to do that while they were supposed to do it. This event just pushed them forward to make those changes.”
Yigal and Seth praised the dedicated efforts of Judith Conklin, chief information officer at LOC since 2021, who has “more than 24 years of experience at the Library and a background in network engineering, IT security and telecommunications (ref).”
Seth said, “Looks like she’s got really good foundational work for her.”
This led Yigal to comment on the importance of “having the right people in the right places to make sure that those things [cybersecurity attacks] won’t happen.”
Security Is Not a One-Time Thing
Following the LOC conversation, Yigal and Seth expressed their thoughts on security, which isn’t something you can just tick off once and be done with. It needs training and application.
Yigal then shared a situation where they conducted cybersecurity training for a client who had experienced a data breach. Following the training, the client felt safer and had the required security measures in place.
Seth emphasized that promoting a culture of accountability is key to ensuring a “sound IT cyber security stance” within an organization. “It doesn’t matter what policy they put in place. If there are no ramifications for not following it, it doesn’t matter what they do so if you tell people they have to do MFA or they have to do a security a certain type of way and they don’t do it and yet they don’t get in trouble for it, then that’s where the problem comes in,” he said.
Yigal agreed, “Because [at] the end of the day, it’s not about the technology. It’s more about the people that operate their technology right. And if you don’t have support from management, and if the employees don’t care so much, it probably comes from top to down, see that the management is supporting those initiatives they are not going to do anything about it. Company culture—organizational culture should be there in order to help with security.”
Security Is a Layered Approach
Seth then shared an experience from when he worked regular security, where the person he worked with was a former burglar.
The ex-burglar said small, loud “yapping” dogs were the best way to stop break-ins. He said they always woke up the owners and made it impossible to sneak in. He said dogs were “better than any alarm” because they can’t be turned off. He also said motion lights and alarms on doors worked well because these “little things” would mess up his plans and stop him from robbing the house.
So, what’s the point of all this?
Seth noted that if more people used these easy ways to protect their homes, it would be much harder for bad guys to steal from them.
So having multiple layers of security, even simple ones, can make a big difference in preventing and stopping cyber attacks.
The Onion Analogy
Yigal then used the analogy of an onion to explain the layered approach to security.
Similar to how an onion consists of layers, effective cybersecurity involves having multiple layers of defense.
Many people tend to favor a single high-percentage security solution (90% protection) over several smaller layers. But Yigal argues that employing an “onion” strategy, where each layer offers 5% to 10% protection, is more efficient in the long run.
The main idea here is that cybersecurity is best tackled using an “onion” approach, where smaller security measures work together to offer protection, rather than relying solely on a single high-percentage control.
Importance of Employee Buy-In & Accountability
Seth also stressed that employees must be fully on board with security policies and procedures, and must follow them, for a security strategy to work effectively.
He shared instances where employees circumvented security protocols, for example by using service elevators or propping doors open, which could compromise security.
Seth attributed this oversight to company negligence: “Let’s say you had painters or contractors they would prop doors open because they would move equipment in and out things like that. So, I remember when I worked security we would any type of contractors we’d watch them because you don’t know what they’re bringing in and what they’re bringing out and you don’t know what they’re leaving behind. So those are the type of things that people don’t seem to understand.”
Furthermore, Seth pointed out that vendors and contractors with access to company systems and networks can also pose a security threat if granted unnecessary privileges. He gave an example in which a vendor was granted full admin access to a database when only specific system access was required.
Yigal described this as an easy way out for companies because “it doesn’t require thinking; it doesn’t require any planning. [It’s like] okay, let’s just give them more access than they need.”
That’s why Seth tried to explain to people that they “don’t have to go out and create a bunch of new technology [or] use new technology because I know some people are averse to having to do multi-factor. They hate having to [ask] ‘Oh, where’s my fob?’ and remember their old pins and things like that,” he stressed. “But there are multiple ways to do multi-factor authentication that isn’t going to create any extra work for you, but you know once you start using it it’ll be a lot easier for you.”
Yigal and Seth reiterated that cybersecurity requires consistent diligence and vigilance.
Future Podcasts & Projects
In future podcasts, Yigal will talk about two client cases. One case is about defending a jewelry company from a cyber attack while the other deals with a construction company that experienced a breach. The construction company’s security breach began with an email attack, which led to further issues.
Before signing off, Yigal mentioned his plans to bring one of his colleagues to discuss these cases in detail for future podcasts. Meanwhile, Seth’s setting up a lab in his basement to support his multiple projects.
Don’t miss out on expert insights and analysis you’ll only find on The Cybersecurity Insider. Check us out on YouTube, Apple, and Spotify, and be the first to know when new episodes drop!