Data Leakage: What We Can Learn From the Uber Case and How To Plan the Budget for Next Year

The cybersecurity industry is predictably abuzz following the Uber security incident first reported on September 15. The incident concerns how an (allegedly) 17-year-old attacker was apparently able to hack the ridesharing giant’s IT infrastructure, acquire access to user data, and access vulnerabilities reported to Uber’s HackerOne account.






Uber Hack Kill Chain:

1. Reconnaissance

Employee information from dark web / VPN

2. Weaponization & Delivery

Social engineering campaign and man-in-the-middle MFA portal

3. Exploitation

VPN access and internal network exploitation

4. Privilege Escalation

Hacker found that contained admin access

5. Objective Achieved

The hacker announced in an employee Slack channel that Uber had been hacked

Lessons learned from the Uber hack

  1. Penetration testing of the web applications is not enough anymore; we should do penetration testing of the internal applications as well.
  2. The Security Operation Center did not cover external assets; we should extend the Security Operation Center to outside assets (threat intelligence).
  3. Red-teaming and social engineering activities were limited; we should run active red-teaming exercises.
  4. MFA did not support social engineering prevention; we should support it with MFA tested against social engineering.

Based on my views regarding this seminar, as part of Equinox Shipping Group, what we should do is:

1. Social Engineering Campaign – annually.

(Baiting, Pretexting, Phishing, Spear Phishing, Quid Pro Quo, Tailgating, Scareware, etc.)

2. Cyber drill annually

(Vishing scenarios are devised to test employees, etc.)

3. Prepare for “Cloud Security”

4. Cyber Monitoring and operations

5. Protect Financial data

6. Endpoint and network security

7. Identity and access management

8. Cyber resilience

9. Application and data protection

10. 3rd party/vendor security management