Undoubtedly, famous public cloud service providers like Amazon, Google, Microsoft, and Western Digital offer a more secure cloud environment than on-premise servers. But what if hackers target them, locking you out and hampering productivity? Follow this article to learn about the latest attack on Western Digital.
Western Digital recently announced that an unauthorized party breached its network, gaining access to multiple company systems. After discovering the breach, the firm launched an investigation into the incident (which is in the early stages) and informed law enforcement authorities.
The company gathered evidence suggesting that the intruder accessed some of the data. However, we do not know if the stolen data belongs to Western Digital’s customers, employees, or others. Furthermore, it is unclear what type of data the attackers stole and whether they used it for identity theft.
Users Unable To Log In, Incident Impacts Western Digital’s Reputation
While Western Digital’s primary business is providing customers with a storage device to store data locally, its My Cloud service enables them to back it up on a cloud server and access the contents remotely.
According to posts on Western Digital’s customer support pages, users must authenticate themselves on MyCloud.com to access their My Cloud data. After the incident, home.mycloud.com gave a 503 error, locking out many of its users.
Not The First Time Western Digital Has Run Into Troubled Waters
Western Digital sells many home NAS drives and systems, and the current outage has rendered them inaccessible from outside their home network. The drives support Samba (SMB) connectivity and appear as standard network drives on macOS, Windows, and Linux, but users need to log in to WD’s online platform for external access.
It is not the first time Western Digital has faced security problems, although the earlier ones were security vulnerabilities in their NAS drives, not a problem with online infrastructure.
In 2017, hackers gained unrestricted root access to a My Cloud drive through an admin backdoor (username “mydlinkBRionyg” and password “abc12345cba”). Western Digital quickly fixed it, but security experts discovered another remote access vulnerability in 2021, and WD didn’t fix all of the impacted drives.
Around the same time, hackers remotely deleted owners’ data on My Book Live drives, even where the owners had turned off the cloud features.
Ways To Improve Cloud Security
As more organizations migrate their data and applications to the cloud, they need to shift their focus toward protecting sensitive business information. If they want to maintain customers’ trust and avoid the costs of a data breach (which can reach millions of dollars), preventing leaks and data theft is critical. The following steps can improve cloud security:
1. Deploy Multi-Factor Authentication (MFA): Using traditional username and password combinations is insufficient to protect users from hackers in today’s evolving threat landscape. Stolen credentials are one of the main ways cybercriminals gain access to your online business applications and data.
Hence, you must protect your cloud users with multi-factor authentication (MFA) and ensure only authorized personnel log in to the cloud apps and access sensitive data in your on- or off-premise environment.
2. Manage User Access: Most employees don’t require access to all applications, every file, or every piece of information in your cloud infrastructure. Therefore, setting adequate authorization levels with an IAM plan will ensure that each employee only views the applications or data necessary for them to do their job.
Assigning access control will prevent your employees from accidentally editing information and protect you from hackers who manage to steal an employee’s credentials.
The above incident highlights the importance of cloud security for businesses in today’s advanced threat landscape. The approach to cloud security differs for every business and can depend on several variables.
Apart from the above-mentioned security measures, businesses can go through the National Institute of Standards and Technology’s (NIST’s) list of best practices to establish a sustainable and secure cloud computing framework.
It mentions the necessary steps for every enterprise to self-assess its security preparedness and apply appropriate preventative phishing protection solutions to its systems. These principles are built on NIST’s five pillars: Identify, Protect, Detect, Respond, and Recover.