The year 2020 saw many more businesses embracing remote networking solutions to power their work from home. Cybercriminals, recognizing the opportunity, sought out unauthorized access. In January, Ubiquiti emailed its customers informing them of a data breach at its third party cloud provider host.
Regrettably, third party cloud provider breaches are not uncommon. As digital transformation changes the way we do business, companies are more likely to integrate their technology and networks with third party cloud providers. These third parties require privileged access to the business network. Then, in a breach, their access credentials can provide a path into their partner’s data and IP.
Third-party data breaches can bring major damage to enterprises and devastate small businesses. A Ponemon Institute study revealed,“53% of organizations have experienced one or more data breaches caused by a third party, costing an average of $7.5 million to remediate.”
Third-parties include companies offering data management, web hosting, e-mail services as well as law firms, subsidiaries, vendors, service providers, and subcontractors. Several well-known brands suffered third-party breaches in 2020 including:
Ubiquiti announced a data breach that could affect its cloud integration. Ubiquiti Cloud service, when enabled, allows a user to remotely connect and manage Ubiquiti controllers worldwide. The networking equipment and IoT device vendors UI.com site is used to manage devices from a remote location and as a help and support portal. "We recently became aware of unauthorized access to certain of our information technology systems hosted by a third party cloud provider," Ubiquiti said in a January 11 email. Users then contacted the company to determine whether the email was legitimate or a phishing attempt. Ubiquiti in user forums confirmed the legitimacy of the communication.
The company stated it hadn’t found any evidence user data was accessed, yet it conceded it couldn’t say with certainty “that user data has not been exposed.” The potential at-risk data includes: names, emails, phone numbers, addresses, and passwords. Ubiquiti described the passwords as “one-way encrypted…(in technical terms, the passwords are hashed and salted).”
Ubiquiti encouraged its users to:
The company has not said how many Ubiquiti users are impacted or how the breach occurred.
Research indicates companies are uncertain whether their third party vendors:
A better practice is to avoid working with a third-party vendors you don’t need, or at least minimize your exposure. In the newest iteration of our AccessEnforcer, the evolution of Gatekeeper protects against the kind of breach Ubiquiti suffered. With AccessEnforcer 5.0.2 customers can enjoy secure remote access to Internet of Things devices, like wireless controllers, with multi-factor authentication, without relying on a third-party service. Access Enforcer 5.0.2 is available now in beta by request.
Find out more about the ways in which Gatekeeper and our other new AccessEnforcer feature, GeoFence, help reduce your business’s third party cloud provider risks. Zero Trust Security is within reach of the small business too.