If Uber can be breached what can I do to protect my business?
🔐As your trusted advisor 👨💻 I make it easier for you to sleep at night 🛌 knowing that your data is secure, your company's image is impeccable, and your team 🧑🤝🧑 is loyal.
On September 15, 2022, NEWYORKTIMES.COM reported that
The Uber company network has been breached again. Uber has collaborated on this.
report as well. Uber is not the only company that offers ride-share or food delivery services,
but it is the biggest.
A couple of key takeaways:
The hacker gained access to almost all of the company’s networks. The hacker claims to
be 18 years old. Just think about it. How many years does it take for someone to
gain the skills needed to breach an organization as big as Uber? Uber is a company with
a cyber security budget that must be in the millions of dollars.
The other thing was that all that security was brought down by text message. No high-tech
tools, the hacker just texted an individual inside Uber asking for credentials. This is called
Social engineering The hacker texted the Uber employee after somehow discovering the
employee’s WhatsApp number. Once inside the network, the hacker hit a goldmine when he
found a tool created by an Uber employee used to make logging into sensitive company
networks possible. In short, the Uber employee had built a company tool to make it easy for
a hacker to gain access.
That was that. Everything else just fell by the wayside.
Uber employee built a tool to make it easier for outside hackers
What will the total cost of the breach be? So far, Uber's stock price has fallen about 4% since
the breach. It is easy to assume the expenses will be in the millions of dollars,
but we will need some time to determine the total cost. There are soft costs like public trust.
I, for one, will be riding Lyft for the near future.
If Uber was breached, what chance do I have?
Two things stand out from the attack. The staff
was not trained properly to handle this type of attack. That is why when I work with
clients, I always discuss how critical it is for the whole company team to have good cyber
security training and testing.
The second issue was the staff person who created the logging tool to bypass all the security
measures they had put up. How often did you go through fire drills in school? Businesses
need to do their fire drills, such as cyber risk audits. These audits need to include the
tools the company uses and the way they are configured. So they can root out tools like a
logging bypass tool.
Uber is also in the process of taking its former cyber security chief to court over the
breach. That happened in 2016. So having the right people handling your cyber security
It is just as important, if not more important, than the tools they use.
