Over 100 million people were affected in Capital One’s breach and 147 million in Equifax’s, two of the biggest in an ever-growing line-up of attacks through the web application firewalls that are used to protect consumer-facing apps. Here, Eyal Wachsman, CEO of Cymulate, and Will LaSala of OneSpan share their insights.
“With Capital One, the misconfiguration enabled the attacker to use three commands to access, list and copy or sync the folders. If configured properly the WAF would have blocked these commands.” – Eyal Wachsman
Will LaSala, Director of Security Solutions and Security Evangelist at OneSpan, added:
“Systems and network engineers have access to all kinds of personal data in most systems, and it only takes one bad actor to shine light on a huge potential security hole. In most organisations, the people that develop and code the systems have access to underlying controls that can be modified to meet a malicious insider’s nefarious needs.
Having proper DevSecOps, processes and procedures in place will help organisations analyse what is happening and detect the necessary actions to stop bad actors in their tracks, before they can cause huge damage. But processes alone are sometimes not enough, and this is where technologies that automatically harden backend and client side systems can help organisations face insider attacks head on.”
And in case anyone had forgotten, here’s what Capital One’s CEO, Richard D. Fairbank, had to say by way of contrition:
“While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened… I sincerely apologise for the understandable worry this incident must be causing those affected and I am committed to making it right.”
To (liberally) paraphrase a line by the poet John Clare:
“O words are poor receipts for what hackers hath stole away”