Vectra AI always advises companies to assume that attackers have already penetrated
There is recent news that Acer’s after-sales service systems have been massively attacked by hackers. Cybercriminals have claimed to have stolen more than 60 GB of files and databases from Acer’s servers, including customer, merchant and partner data. The stolen information includes customer information, credentials used by thousands of Acer dealers and distributors, and corporate, financial and audit documents.
Andreas Riepen from Vectra AI
“Armed with a treasure trove of stolen information about Acer customers, retailers and distributors, the attackers have probably already used this rich data to sell access to other cybercriminal groups,” says Andreas Riepen from Vectra AI . “They could also have used the logins of affected retailers and distributors to conduct targeted phishing attacks and spread to other organizations. The more information is stolen, the easier it is for attackers to escalate rights, move sideways through systems, and bypass protections. But time and again, we see attackers siphoning off massive amounts of customer, corporate, and financial data while running around prevention tools. Instead, companies must assume that there has already been or will soon be a successful attack or intrusion. Only with this attitude can you build sufficient resistance to this inevitability. By assuming they are already compromised and actively looking for signs of an attack, security-conscious organizations are able to detect and stop all types of attacks in time before they become security breaches.“