Inside The LastPass Breach

Not so long ago, Social Security numbers served as the most common way to access sensitive information. With the growth of the Internet over the past few decades, passwords and Personal Identification Numbers (PINs) have become a part of our everyday lives. While it used to be easy to keep track of that one memorable master passcode that could be used to access everything from personal bank accounts to work email to managing your online recipe collection, safety protocol now requires unique passwords for every account created. Keeping track of the various keys to the virtual castle has proven nearly impossible for most, leading to the development of popular password management tools. But what happens when the system in charge of keeping all the secret passcodes secure has its own security breach?

A favorite password management tool, LastPass, was hit by a security breach last year, and hackers were able to access the cloud-based storage environment. While no customer data was initially accessed, technical information was stolen and used to target an employee to obtain credentials and keys to access and decrypt information. This resulted in the malevolent actor gaining access to basic customer information including “company names, end-user names, billing addresses, email addresses, telephone numbers and the IP addresses from which customers were accessing the LastPass service.” While LastPass is confident their encrypted fields of the most sensitive information remain secure, LastPass has asked their customers to be vigilant against phishing schemes, especially those asking clients to click on links to verify personal information. LastPass additionally recommends that clients who have not followed the best practices for setting up password security, as outlined by LastPass, consider minimizing risk by changing stored passwords.

So what makes companies like LastPass vulnerable to malicious cybersecurity attacks? Common infrastructure in cybersecurity refers to the shared systems, networks, and technologies that organizations rely on to conduct their daily operations. These include things like servers, cloud services, networks, and databases. While these technologies are designed to make it easier for organizations to share resources and collaborate, they also create potential security problems that can put companies at risk.

One critical issue in common infrastructure is critical vulnerabilities in SSL. SSL (Secure Sockets Layer) is a security protocol that is designed to protect sensitive information as it is transmitted over the internet. However, in recent years several critical vulnerabilities have been discovered in the SSL protocol that allow hackers to intercept and decrypt sensitive information. A recent example of this is the announcement made in late 2022 by OpenSSL that two critical vulnerabilities had been found in the OpenSSL library, potentially allowing attackers to intercept and decrypt sensitive information and potentially leading to data breaches.

Another example of a potential security problem in common infrastructure is the risk of denial of service (DoS) attacks. These attacks occur when a hacker floods a network or server with traffic, causing it to crash or become unavailable. This can be devastating for companies that rely on these systems to conduct their daily operations, as it can result in lost revenue and damage to reputation.

These examples illustrate the importance of staying vigilant and proactive when it comes to protecting critical infrastructure from cyber threats. Organizations need to ensure they are using the latest security protocols and technologies, and that they have incident response and crisis management plans in place to respond quickly in case of a security incident. Additionally, regular security awareness training for employees is necessary to help them identify and avoid potential threats.

Companies without the time, energy or budget for in-house cybersecurity departments can protect themselves by outsourcing their cybersecurity needs to companies like NuSpective. NuSpective and its partners offer a range of security solutions to detect and prevent data breaches, DoS attacks, and malware infections. Solutions typically include firewalls, intrusion detection systems, and antivirus software in addition to incident response and crisis management to limit damage and provide a quick recovery in the event of a security incident. NuSpective also offers resources for security awareness training to help employees identify and avoid potential threats, because prevention is always better than a cure.
