
Rise of cyberattacks targeting reputations – ET CISO


Cybercriminals are expanding their tactics beyond ransomware. They are now manipulating narratives and deploying disinformation. This strategy aims to destabilise organisations and tarnish reputations.

Take the recent case involving a leading insurance firm. A typical data breach? Not quite. This one goes much deeper. It’s not just a story of stolen data but a calculated attempt to destroy the career of the company’s CISO. And in doing so, it highlights the terrifying reality of how cyberattacks have evolved.

In this case, a hacker going by the name “xenZen” didn’t just breach the insurance company’s system. With a fabricated email, xenZen also tried to convince the world that the CISO was in on it, that they had willingly handed over sensitive data. The accusation sparked headlines, and the story began to spiral. But it wasn’t true.

The real story

On September 20, our research team at CloudSek detected that xenZen had posted an offer to sell 7TB of customer data stolen from the insurance firm. That’s 31 million people’s personal information, including their names, addresses, and health records, up for grabs on the dark web. The breach itself was very real, and its scale was massive.

But when the hacker claimed that the CISO had leaked the data, we knew something was off.

Our investigation exposed that the supposed “proof” of the CISO’s involvement was fabricated. xenZen had doctored an email using a simple trick—altering the HTML code with the “inspect element” function. It was an easy way to make it look like the CISO had sent sensitive information, but it was a complete forgery.

The credentials that xenZen claimed to have received from the CISO? They were part of a separate credential breach already floating around on the dark web. The hacker found these credentials and used them to exploit a vulnerability in the company’s system.

Exploiting a technical flaw

Once xenZen had the stolen credentials, he didn’t need insider help to access the company’s database. He exploited an Insecure Direct Object Reference (IDOR) vulnerability in the company’s API, a type of security flaw that allows unauthorised users to access sensitive data simply by manipulating URLs. In this case, the flaw gave the hacker access to 7TB of customer information, allowing him to steal the data without raising any red flags.
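The class of flaw described above, shown from the defender's side as an added example (not code from the article or from the affected company): a record lookup that trusts any logged-in session, the same lookup with an object-level ownership check, and a simple audit-log rule that surfaces one account being denied across many object IDs. The handler names, record fields and denial threshold are assumptions, and the sample data is constructed.

```python
# Added example: object-level authorization for a record-lookup API.
# All names, fields and sample records are constructed for illustration.
from collections import defaultdict

POLICIES = {  # policy_id -> record (constructed sample data)
    1001: {"owner": "alice", "holder": "Alice A."},
    1002: {"owner": "bob", "holder": "Bob B."},
    1003: {"owner": "carol", "holder": "Carol C."},
}

def get_policy_vulnerable(session_user, policy_id):
    """IDOR: a valid login is treated as permission for whatever ID is named."""
    record = POLICIES.get(policy_id)
    return (200, record) if record else (404, None)

def get_policy_hardened(session_user, policy_id, audit_log):
    """Return the record only when it belongs to the authenticated caller."""
    record = POLICIES.get(policy_id)
    allowed = record is not None and record["owner"] == session_user
    # Log every decision so denied lookups are visible to monitoring.
    audit_log.append((session_user, policy_id, allowed))
    # Same 404 for "missing" and "not yours", so responses do not confirm IDs.
    return (200, record) if allowed else (404, None)

def flag_enumeration(audit_log, max_denied_ids=2):
    """Flag users denied on at least max_denied_ids distinct object IDs."""
    denied = defaultdict(set)
    for user, policy_id, allowed in audit_log:
        if not allowed:
            denied[user].add(policy_id)
    return sorted(u for u, ids in denied.items() if len(ids) >= max_denied_ids)

if __name__ == "__main__":
    log = []
    print(get_policy_vulnerable("alice", 1002))      # another customer's record
    for pid in (1001, 1002, 1003):
        print(get_policy_hardened("alice", pid, log))
    print(flag_enumeration(log))
```

The ownership check is what closes the flaw; the audit rule addresses the "without raising any red flags" part by making cross-account lookups visible even when they fail.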

But here’s the critical part—this was never about insider collusion. xenZen’s real goal was far more malicious. He didn’t just want the data; he wanted to destroy the reputation of the person responsible for protecting it.

In this case, we discovered that xenZen had a history of targeting Indian organisations, and his actions seemed to have a geopolitical angle.

Rahul Sasi is CEO & co-founder of CloudSek

  • Published On Oct 23, 2024 at 11:22 AM IST
