Wolters Kluwer Attack

Wolters Kluwer, a $4.8b global accounting software vendor, was hit by an as-yet-undetermined malware attack that has disrupted its cloud-based services for users. Prior to reports of this attack, Brian Krebs separately reported an apparent misconfiguration of one of the company's cloud file repositories. Whether these events are related is still undetermined.

Commentary: Size (multibillion dollar multinational corporation) and sophistication (global software vendor) are not synonymous with lower risk – if anything, size is directly proportional to risk due to the vastly increased attack surface of such organizations. Every increase in IT complexity driven by the objectives of lowering cost (cloud) and increasing speed to market (agile) drives increased security/privacy risk through the explosion in complexity of these environments. Defenders must be successful across the entire organization to ward off attacks, while attackers only need to be successful once to gain a foothold. When you can’t even lock the windows properly because you have lost track of how many windows you have – well, the results speak for themselves.

Likely Threat(s): Criminals?
Likely Motive(s): Fraud (ransomware?)
Likely Means: Still TBD
Opportunities: Asset Management?, Secure Configurations?, Incident Response?, TBD?
