If you can't hack technology, why not try hacking people.

Networking equipment powerhouse— Cisco— confirmed on August 10, 2022, that it was a victim of a cyberattack after the attackers got hold of an employee's personal Google account that contained passwords synced from their web browser.

Initial access to the Cisco VPN was achieved via the successful compromise of a cisco employee's personal Google account. The user had enabled password syncing (autofill) via Google Chrome and had stored their Cisco credentials in their browser, enabling that information to synchronize to their Google account.

After obtaining the user's credentials, the attacker attempted to bypass Multi-Factor Authentication (an added layer of security) using a variety of techniques including Vishing (user manipulation on a phone call) and #MFA fatigue that impersonated trusted support organizations.

Although Cisco was lucky not to identify any impact on their business as a result of the incident, including Cisco products or services, sensitive customer data or sensitive employee information, intellectual property, or supply chain operations, there are important lessons to learn from this incident.

LESSONS TO LEARN FROM CISCO CYBERATTACK

1. Don't cache/save credentials in your web browser instead, get a password manager. Storing passwords in your browser gives you a false sense of security, it's an eggshell.
2. Do not log into your personal accounts on your enterprise or work systems. If it becomes borderline necessary to do so, please open in an incognito tab. You can do this by combining CTRL + SHIFT + N on your keyboard.
3. Carefully look at every MFA push notification and DO NOT ACCEPT it if you have not explicitly asked for it on your device.
4. Every individual must be CYBER-VIGILANT. Cybersecurity is a continuous process. It should be kept in mind that cyber attackers develop a solution for every measure taken.

There isn't a silver bullet in Cybersecurity. As organizations roll out defenses like MFA, attackers will find a way to bypass them. While this can be frustrating for organizations, it is the reality security professionals live in.

We can either get frustrated by the constant change or choose to adapt and stay alert. It helps to recognize that there is no finish line in #cybersecurity— it is an endless game of survival.

Source

• The Hacker News
• AndraZaharia
• bleepingcomputer
• therecord.media
• Deepesh Raj