shutterstock_490960141-1

Industry News: ESG5

      Know Your Breach: Gunnebo

      Oct 30, 2020 10:49:40 AM

      The target: Gunnebo, a Swedish-based security firm.

      The take: 38,000 sensitive company documents including: schematics of client bank vaults and surveillance systems, blueprints for monitoring and alarm equipment, and security function of Automatic Teller machines.

      The attack vector: Compromised credentials to an employee’s Remote Desktop Protocol account which had a password of ‘password01’. While the confirmation of this particular RDP account’s role in the attack is unverified, security researchers highlight the extremely poor password hygiene here and infer this practice is likely widespread within the firm.

      The breach highlights the critical important of robust password polices. Length, complexity, and aging standards for every company account are invaluable to preventing credential compromise.

      Read more...

      Topics:Know Your Breach

      About Castle Hall Diligence

      Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →

      Subscribe to Cyber Updates