Another day, another cyber attack. Only last week we learned about the Equifax security breach. Now it’s Deloitte Touche, incidentally one of the ‘big four’ accounting firms, that has fallen prey to hacking. The accounting firm, which is registered in London and has its global headquarters in New York, has become the latest subject of a cyber security attack, one which has supposedly compromised 5 million emails that Deloitte Touche had stored on Microsoft’s Azure Cloud.
According to a report from The Guardian, the British daily newspaper, the security breach had been kept under wraps by the Deloitte Touche administrators since it was discovered in March. And it seems that the hackers were specifically targeting some major corporate as well as government clients of the accounting firm.
E-mail System Compromised Due to Basic Security Goof Up
Although the full details of the security breach – which has now been codenamed Windham – remain sketchy, it has come to light that Deloitte's email systems (whose mails are stored on Microsoft's Azure Cloud) do not employ multi-factor authentication, a technology which plays a vital role in securing enterprise mail.
The report also points out that the 'hackers just needed a single password' from an administrator of the firm's email accounts. Once they had obtained it, they could easily 'access various areas' of the email system. Security investigators involved have been able to uncover an electronic trail which indicates that the accounting firm's major clients were the point of interest.
Not Just Emails, But Other Information Too Compromised
Apart from gaining access to sensitive emails, it seems the hackers were also able to get their hands on other vital information like account credentials, IP addresses, sensitive email attachments, business-related architectural diagrams and, in some cases, extremely sensitive security information.
It has also been found that the security breach has been US-focused and is being regarded as so sensitive that only a handful of Deloitte's most senior partners and lawyers were informed about it. It is therefore becoming obvious that Deloitte Touche is trying hard to downplay the incident, saying the cyber attack has impacted only a few clients, whereas the truth could reveal a surprising number.
Moreover, although Deloitte Touche discovered the cyber security attack only in March, sources are suggesting that the attackers may have had access to its systems since October or November 2016.
Deloitte Touche Has Been Left Feeling Red-Faced
The security breach has been particularly embarrassing for the accounting firm because it successfully runs the "CyberIntelligence Centre" – a research and advisory firm which Gartner in 2012 named as the best cyber security consultant in the world – that advises clients on various cyber security measures they can take to strengthen their cyber resilience.
When contacted for information regarding the security breach, this is what a Deloitte Touche spokeswoman had to say: “No disruption has occurred to client businesses, to Deloitte’s ability to continue to serve clients or to consumers.” She went on to add, “Deloitte remains deeply committed to ensuring that its cyber security defenses are best in class, to investing heavily in protecting confidential information and to continually reviewing and enhancing cyber security.”
This cyber security attack serves as a classic example of what might happen when you don't get your basics right: basics like implementing multi-factor authentication to protect your email systems, which may seem trivial (and often repeated) but can go a long way in safeguarding your enterprise against various security threats.
To give a real-life analogy, no matter how strong a building might appear to the world, it is only as strong as its foundation. The same principle applies to the security industry as well. Only if you get the security basics right – like implementing multi-factor authentication – will your security posture stand the test of time.
Julia Sowells is a security geek writer at hackercombat with almost 5+ years of experience who writes on various topics pertaining to network security.