Twitter Hacked Through Slack
written by Maya Guevara 8/14/2020
Mid-July, Twitter announced that 130 accounts were targeted in a major cyber-attack. The access point? The popular workplace messaging system, Slack. The Twitter breach emphasizes the need to protect credentials — a concept that is similarly applied in the cloud via IAM and access keys.
The hack
According to The New York Times, the lead hacker of the group who took control of the Twitter accounts gained access to Twitter credentials when he “found a way into Twitter’s internal Slack messaging channel and saw them posted there, along with a service that gave him access to the company’s servers.” With access to accounts of people like former President Barack Obama, Joseph R. Biden Jr., and Elon Musk, it is unclear how much information was obtained.
Staying secure
Enterprises with cloud apps such as Slack and Microsoft Teams have recently become vital to the workforce. As working from home and social distancing continue, the need for these applications continues as well. However, we are learning that because these channels were adopted so quickly, security was not prioritized. Whereas email accounts have multiple layers of security, work apps have close to nothing. The rapid acceleration of cloud adoption can lead to a similar scenario where the use of new technologies offered up as cloud services, while having security principles applied to them. Organizations can find themselves in a hurry to implement the newest tech, and leave security in the dust.
One step to secure cloud apps is the use of IAM, or Identity and Access Management. In enterprise IT, IAM ensures that access to credentials is granted to the right assets, to the right users, in the right systems. It defines and manages the roles and access privileges of individual network users through tools such as password management services, provisioning software, security-policy enforcement applications, and more.
IAM is critical to security plans because of the vulnerability that credentials hold and the organization’s information that can be obtained with them. Due to its importance, IAM should always be consistent and scalable to deal with centralizing management in large enterprises, as well as work in many different environments.
Access Keys are another element to maintaining security in the cloud. An access key is a long-term credential for an IAM user or an AWS account root user, and is used to sign programmatic requests to the AWS CLI or AWS API. While it consists of two parts — the access ID and the secret access key — both are needed to authenticate requests.
At NephōSec, we know what it takes to stay secure in the cloud. Let us do the work so that you can Cloud With Confidence. Chat with us at https://nephosec.com/talk-to-us/