Top 3 Cybersecurity Blind Spots in your Third-Party Ecosystem & What You can Do about Them

Business is built on trust, and most companies are trustworthy. A large company has connections to 583 third parties that help run its business. These third parties can be anything from giants like Microsoft to “mom and pop” AC repair companies. What’s shocking is that both can be a blind spot in your cybersecurity.

1. Exposed Databases in the Cloud

In this digital transformation era, open databases – those in the cloud that require no login or password to access online – have emerged as low-hanging fruit for hackers. As a result, businesses are significantly increasing their risk of exposure through open databases in the cloud. In one experiment, a researcher created a honeypot in the form of an unsecured database. In just 11 days, the honeypot was attacked 175 times. Frankly, databases are often forgotten about entirely, or new ones emerge without teams even knowing they exist. In other cases, it may take months for overworked, resource-strapped IT departments to patch databases – a time window in which the databases remain vulnerable. This is what occurred when more than 1 billion search records belonging to CVS Health were accidentally posted online and accessible to the public earlier this year. Data breach prevention tools provide a second check that catches these leaks before hackers find them and turn them into a data breach. CybelAngel Data Breach Prevention and cloud leak services located exposed databases in only 24 hours.

2. Service Providers

Many organizations discover that their supply chain is their weakest link, as more than one-half have experienced a data breach caused by a third party. While you might imagine these breaches come from less technologically capable businesses, that is not always the case. Microsoft suffered a breach after a brute force credential stuffing attack by the allegedly Russian-sponsored cyber gang Nobelium. Nobelium gained access to numerous customer service accounts and, through them, to those customers’ networks. 20% of those breached were government accounts. Microsoft acted quickly, but this shows that even strong third parties present a risk. Third-party risk management solutions protect against third-party leaks and data breaches, whether they originate from large or small organizations.

3. Backup Storage Media

Backup storage media is a key part of a company’s disaster recovery plan, but these devices can be access points for cyberattacks. Since they are often automated and “set and forget,” they end up as unprotected and unmonitored devices. Additionally, because they exist for storage, they are often shared among departments with unrestricted access. Wegmans, an American supermarket chain, suffered a data leak after a third-party vendor left a shared cloud backup storage account open via unrestricted access. Multiple forms of PII, including names, addresses, dates of birth, and email addresses, were exposed. Securing and adequately configuring backup storage is not complicated. It only becomes an issue once done at scale, where basic digital hygiene can break down. Often, individual configurations are harmless on their own, but when combined with other IT assets they become harmful. Companies only need to be made aware of these unsecured assets to ameliorate the issue. CybelAngel Asset Discovery and Monitoring can locate these assets, informing SOC and IT teams so that they can prevent a breach.
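The two blind spots above, an internet-facing database that needs no login (section 1) and backup storage shared with unrestricted access (section 3), are both misconfigurations you can flag from an asset inventory before anyone outside finds them. The script below is an added illustration written for this article, not CybelAngel’s code or any product’s output. It assumes a simplified inventory record (the `Asset` fields and the four sample entries are constructed for the example); in practice the records would come from your CMDB, your cloud provider’s APIs, or an external monitoring feed, and the rules would be tuned to your own environment.

```python
"""Audit an inventory of third-party-managed assets for the blind spots
discussed above: databases reachable without authentication and backup
storage shared with unrestricted access. Hypothetical example; the
inventory records are constructed, not real assets."""
from dataclasses import dataclass


@dataclass
class Asset:
    name: str               # asset identifier in your inventory
    owner: str              # the third party (or internal team) responsible
    kind: str               # "database" or "backup"
    internet_facing: bool   # reachable from a public address / endpoint
    auth_required: bool     # a login, key or token is needed to read data
    access: str = "restricted"  # "restricted" or "unrestricted" sharing


# Constructed sample inventory covering both exposed and well-configured cases.
INVENTORY = [
    Asset("search-index-prod", "vendor-analytics", "database", True, False),
    Asset("crm-db", "vendor-crm", "database", True, True),
    Asset("hr-backups", "ac-repair-co", "backup", True, True, "unrestricted"),
    Asset("finance-backups", "finance-it", "backup", False, True, "restricted"),
]


def audit(assets):
    """Return {asset name: [reasons]} for every asset matching a blind-spot rule."""
    findings = {}
    for a in assets:
        reasons = []
        # Rule 1: an open database, i.e. internet-facing with no login required.
        if a.kind == "database" and a.internet_facing and not a.auth_required:
            reasons.append("open database: internet-facing and no authentication")
        # Rule 2: backup storage shared with unrestricted access (the Wegmans pattern).
        if a.kind == "backup" and a.access == "unrestricted":
            reasons.append("backup storage shared with unrestricted access")
        # Rule 3: backups reachable from the internet without any credential.
        if a.kind == "backup" and a.internet_facing and not a.auth_required:
            reasons.append("backup storage reachable without authentication")
        if reasons:
            findings[a.name] = reasons
    return findings


def by_owner(assets, findings):
    """Group flagged asset names by responsible third party, so each vendor
    can be sent exactly the findings it needs to fix."""
    report = {}
    for a in assets:
        if a.name in findings:
            report.setdefault(a.owner, []).append(a.name)
    return report


if __name__ == "__main__":
    found = audit(INVENTORY)
    for owner, names in by_owner(INVENTORY, found).items():
        print(f"{owner}:")
        for n in names:
            for reason in found[n]:
                print(f"  {n}: {reason}")
```

Running it prints one section per responsible party, which is the shape you want for the “share this information so all parties can work together” step: the analytics vendor is told about its open search index, the AC repair company about its unrestricted backup share, and the two correctly configured assets generate no noise. Adding a rule is a matter of appending another `if` block; keeping rules in plain code rather than a vendor-specific query also makes them reviewable in the same place as the rest of your configuration.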

Awareness is a Security Must

What third-party blind spots have in common is that they are often easy to solve if your company is aware of the risk. Many data leaks, breaches, and other cyber threats can be resolved with basic cyber hygiene. Many third parties are chosen for their domain knowledge, not their IT knowledge, so it can be unrealistic to expect complete compliance. It’s on companies to be on the lookout for exposed databases, third-party leaks, and shadow IT both inside and outside the organization, then share this information so all parties can work together to be secure.