If you can't hack technology, why not try hacking people.
Networking equipment powerhouse— Cisco— confirmed on August 10, 2022, that it was a victim of a cyberattack after the attackers got hold of an employee's personal Google account that contained passwords synced from their web browser.
Initial access to the Cisco VPN was achieved via the successful compromise of a cisco employee's personal Google account. The user had enabled password syncing (autofill) via Google Chrome and had stored their Cisco credentials in their browser, enabling that information to synchronize to their Google account.
After obtaining the user's credentials, the attacker attempted to bypass Multi-Factor Authentication (an added layer of security) using a variety of techniques including Vishing (user manipulation on a phone call) and #MFA fatigue that impersonated trusted support organizations.
Although Cisco was lucky not to identify any impact on their business as a result of the incident, including Cisco products or services, sensitive customer data or sensitive employee information, intellectual property, or supply chain operations, there are important lessons to learn from this incident.
LESSONS TO LEARN FROM CISCO CYBERATTACK
There isn't a silver bullet in Cybersecurity. As organizations roll out defenses like MFA, attackers will find a way to bypass them. While this can be frustrating for organizations, it is the reality security professionals live in.
We can either get frustrated by the constant change or choose to adapt and stay alert. It helps to recognize that there is no finish line in #cybersecurity— it is an endless game of survival.
You can contact us directly or visit our office from Monday to Friday
Goldlink House, 2 Harare Steet, Off Rabat Street, Zone 6, Wuse, Abuja.
8AM - 5PM