This website stores cookies on your computer. These cookies are used to collect information about how you interact with our website and allow us to remember you. To find out more about the cookies we use, see our privacy policy


Snowflake-Related Cyber Attack - A Reminder Of The Importance Of 2 Step Verification

Snowflake-Related Cyber Attack - A Reminder Of The Importance Of 2 Step Verification

Recently, a number of customers using the software storage solution Snowflake have fallen victim to a cyber attack. 

The breach allegedly came to light after hackers posted about the compromised data on the dark web, prompting Snowflake to launch an investigation. Although the exact details and full impact of the breach are yet to be confirmed, there is significant concern about the potential for a large-scale data breach.

In a statement on their community forum, Snowflake revealed that users with single sign-on (SSO) were targeted. The stolen credentials were reportedly obtained through info-stealing malware.

Preventing Unauthorised Access

Incidents like this highlight the importance of robust cybersecurity practices. Businesses should take this as a reminder to maintain consistent cybersecurity hygiene, implement strong measures, and ensure employee training and vigilance.

Unauthorised access can be achieved through various methods, including undetected vulnerabilities, social engineering (such as phishing), or compromised credentials. Here are two critical measures to enhance protection against such threats:

  • Early detection through risk monitoring: Early detection may not prevent an issue from occurring, but it enables a swift response. When individuals are alerted to compromised credentials, they can quickly take measures to restrict potential access. This includes changing passwords, limiting system access, and updating any other accounts that use the same credential combination.
  • Two-Step/Multi-Factor Authentication: Adding two-step or multi-factor authentication (MFA) significantly enhances security following credential compromise. This acts as an additional barrier, requiring another form of verification before access is granted. Authentication apps are preferred as they generate unique codes that expire after a short period.

 

While MFA is not foolproof - hackers can use techniques like MFA fatigue or compromised browser cookies - it remains a critical cybersecurity practice that should be mandatory for all business-related accounts and strongly encouraged across personal accounts.

All-in-One Protection

Understanding and managing cybersecurity can be challenging, especially for individuals and small businesses. Our cyber tools simplify this process by offering educational guides, passive scans, and ongoing monitoring to help users stay protected. For more information, visit our products and solutions pages or contact us at info@dynarisk.com to learn how our threat intelligence is safeguarding consumers and businesses globally.