Sep 29, 2022
Sohini Roy
The Lapsus$ cyberattack on Okta, a prominent identity and access management company, highlighted weaknesses in third-party vendor management. Okta's support vendor, Sitel, was compromised, allowing the attackers to reach sensitive systems through an employee's remote device.
Key Details of the Attack:
Okta Overview: Okta provides cloud software that manages and secures user authentication into applications, ensuring seamless login across various platforms.
The Breach: On January 21, 2022, the Lapsus$ group gained access to Okta via Sitel by compromising the remote device of one of Sitel's employees. The breach affected 366 customers, representing around 2.5% of Okta's total customer base.
Attack Timeline: The attacker's active access lasted 25 minutes, during which they viewed two active customer tenants but were unable to reset passwords or change configurations.
Post-Attack Report: Okta's forensic investigation suggested that the breach resulted from negligence on the part of the third-party employee. Okta's Chief Security Officer, David Bradbury, indicated that although the breach was limited in scope, the loss in trust was significant.
Lessons Learned:
Limiting Data Access: Organizations should restrict data access so that each employee (and each vendor) holds only the access their role actually requires.
Employee and Customer Training: Regular cybersecurity training for employees and customers is crucial, as many attacks exploit human error rather than technical flaws.
Transparent Communication: Clear and timely communication between employees, vendors, and customers is essential during an incident.
System Review and Monitoring: Continuous system checks and threat-detection tooling are needed to spot intrusions early and prevent future attacks.
About Genesis:
Genesis is a cyber risk management platform that helps organizations manage and reduce attack surfaces, monitor cybersecurity posture, and identify vulnerabilities. With Genesis, businesses can prevent data breaches, discover third-party risks, and build proactive security programs through the use of risk scoring.