Preventing Interceptions in the Cybersecurity Super Bowl
Few events can change the momentum of a football game like a turnover in a critical moment. Unfortunately, ahead of their clash in last Sunday’s Super Bowl, the Kansas City Chiefs and San Francisco 49ers had one such moment when cyber attackers took over the teams’ Twitter accounts as well as the official account of the National Football League.
The group OurMine took responsibility for the cyber attack. In all, 15 NFL teams had their Twitter or Instagram accounts compromised alongside the accounts for Sports Media Giant ESPN and the UFC mixed martial arts organization. The Super Bowl is the biggest event on the American sports calendar; so it’s not surprising that precisely during their moment in the spotlight, the NFL, the Chiefs and the 49ers were attractive targets for attackers seeking a spot on that national stage by causing disruption.
The attacks emphasize the importance of cybersecurity for social media accounts and other web applications, not only for sports teams and media companies, but any organization. Once in control of team accounts, the attackers spread misinformation about individual teams. Meanwhile, media reports of the attacks spread widely and the NFL and ESPN felt the need to issue public statements confirming they were working with law enforcement to address the situation.
While the precise attack methodologies are not fully public, both OurMine and Twitter confirmed the data breach occurred through a third-party platform. This reinforces awareness that, as adoption of web and cloud applications expands, so too does the attack surface.
With the prevalence of unmanaged, unmonitored and, often, shared accounts and passwords, many organizations lack proper controls over social media platforms. Yet, a compromised account can be potentially catastrophic to a brand’s reputation and that needs to be taken into consideration. Attacks can lead to the unauthorized publication of offensive content, or leaks of confidential financial or personal information.
Social media account credentials should be securely stored, rotated and isolated from employee workstations to minimize these risks. Session isolation and management can add additional accountability to privileged sessions on corporate accounts, helping security teams satisfy audit requirements and investigate security events.
The role of a third party social media management application in these breaches is even more of a concern. These applications should be treated as highly-sensitive corporate resources. As such, they should be secured with privileged access management solutions, which provide security where it’s most needed – protecting highly sought after privileged access to vital information and applications from compromise.
Football, it’s often said, is a game of inches, in which the difference between winning and losing comes down to just a few key moments. To win a close game, teams must ensure they limit unnecessary turnovers that can give opponents momentum or the upper hand. The same could be said for cybersecurity. When facing complex threats, organizations should take a risk-based approach and prioritize privileged access management.
Looking to change the game and better protect your organization from threats? Learn how to execute the playbook for privileged access management.