Sans Institute Editor: Anthem Breech “looks like the common combination of exploiting well known vulnerabilities with a targeted phishing attack”

Sans Institute Editor flags Anthem breech cause:

[Editor’s Note (Pescatore): Focus on what vulnerabilities were exploited to breach Anthem, not who launched the attack. So far, it looks like the common combination of exploiting well known vulnerabilities with a targeted phishing attack at the front end. When Critical Security Controls are not in place or are disabled or mismanaged, advanced targeted attacks do *not* need to be very “advanced.”
(Honan): As with previous major breaches the how the breach happened is the more important lesson for most people, rather than the who conducted the attack. Let law enforcement worry about who is behind the attack and hopefully put them behind bars, let those of us responsible for protecting our networks focus more on the how the attack happened and put in the appropriate controls to prevent it. ]

You may also like...

Leave a Reply