You’ve no doubt heard about the big hack of 2020 by now. A nation-state-sponsored team used carefully crafted backdoors in a monitoring solution to invade government entities and many unknown commercial users. How did we get here? Why were they so successful? Who is going to get yelled at to make the management team feel better this time?
Justin Cohen takes a long, hard look at the cultures that can exacerbate this kind of problem. The hack was bad enough in and of itself. But when you add in the lack of resources most IT departments are working with in the current era, along with the fact that even a single mistake can create an environment ripe for exploitation, it doesn’t take much to figure out this was going to happen sooner or later. As Justin puts it:
When people are pushed to the limit, especially those in smaller IT organizations, that is where corners get cut. Maybe you used Telnet when you should have enabled SSH, or used the same passwords for a bunch of accounts. For years and years, service accounts were built with full-admin rights to the entire network and even given interactive logon rights. We did these things and didn’t think anything of it. Now we know better, but did we go back and fix every single little thing we ever did wrong?
Read more at his blog: Juggling the many masters of IT in a hacker centric world against nation states