Security Lapse Exposed Weak Points On Honda’s Internal Network

According to this link, https://techcrunch.com/2019/07/31/security-lapse-exposed-weak-points-on-hondasinternal-network/, an exposed database at automotive giant Honda allowed anyone to see which systems on its network were vulnerable to unpatched security flaws, potentially giving hackers insider knowledge of the company’s weak points.

  • The server contained 134 million rows of employee systems data from the company’s endpoint security service, containing technical details of each computer and device connected to the internal network
  • The database has no password
  • The data included which operating system a user was running, its unique network identifiers and IP address, the status of the endpoint protection, and which patches were installed
  • What makes this data particularly dangerous in the hands of an attacker is that it shows you exactly where the soft spots are. This data contained enough identifiable information to make it extremely simple to locate specific high value employees and in the hands of an attacker this leaked data could be used to silently monitor for ways to launch very targeted attacks on those executives

EXPERTS COMMENTS
Chris DeRamus, CTO and co-founder,  DivvyCloud
August 07, 2019
Organizations must change how they deploy and build apps entirely
To avoid incidents misconfigurations like what Honda experienced, organizations should change how they deploy and build applications entirely. Not necessarily just a technology shift, but more of a cultural change. Everything an IT department does will need to change: how they deploy applications, what applications they build, how they learn from their customers, etc. All of that has to change bec ....
[Read More >>]
Steve Armstrong, Regional Director ,  Bitglass
August 02, 2019
Robust policy and user training may have helped to reduce the likelihood of this data exposure.
There are 3 pillars of information security - people, process and technology; very much in that order. In this scenario it may have been a simple oversight by the person(s) responsible for the database. Robust policy and user training may have helped to reduce the likelihood of this data exposure - technology would have, potentially, alerted Honda to the issue and allowed them to remediate. As an ....
[Read More >>]
Eoin Keary, CEO and Cofounder,  Edgescan
August 02, 2019
A company’s entire IP address space needs to be profiled in a continuous manner to detect exposed services and systems.
Continuous vulnerability management would have detected the issues and exposures that caused Honda's database to remain exposed. This vulnerability is not uncommon, but it is also not difficult to detect. A company’s entire IP address space needs to be profiled in a continuous manner to detect exposed services and systems. Selecting specific IP addresses to undergo vulnerability management ma ....
[Read More >>]
Igor Baikalov, Chief Scientist ,  Securonix
August 02, 2019
This is a hacker's dream, a treasure trove of the most sought after information.
This is a hacker's dream, a treasure trove of the most sought after information. Whoever has it, can own Honda's network. While it is unclear if this data has already been accessed by someone maliciously, it does highlight a concerning flaw in the security practices of Honda. If an attacker has already gained access they could use the data to carry out further attacks and gain deeper access to H ....
[Read More >>]
Saryu Nayyar, CEO,  Gurucul
August 02, 2019
This is a situation where behaviour analytics technology would be crucial for detecting and stopping abnormal and suspicious activities.
This attack is a reminder that, unfortunately, too many organisations are still not getting the cybersecurity basics right. In this case, those basics include providing each critical system with a unique and frequently updated password. What makes this attack particularly troubling is that the information it revealed can potentially give hackers inside knowledge of the company’s security weak po ....
[Read More >>]
Javvad Malik, Security Awareness Advocate,  KnowBe4
August 02, 2019
With storage costs being relatively cheap, it is often convenient to gather as many logs into one place.
With storage costs being relatively cheap, it is often convenient to gather as many logs into one place. But as Honda has discovered, this data itself can be very valuable to attackers - akin to giving detailed blueprints to the kingdom. It's likely that there was an oversight on behalf of an administrator which exposed the database publicly. This is why it's important to gain assurance that all ....
[Read More >>]

If you are an expert on this topic:

Dot Your Expert Comments

SUBSCRIBE to alert when new comments are posted on this news. :




In this article