3 Security Steps That Could Have Stopped the Equifax Breach

 Posted by Susan Sison on Sep 25, 2017 12:24:00 PM

 If you’re rEquifaxBreachSecurityesponsible for security at your company, September’s enormous Equifax breach is a double whammy. Personally, you may be one of the 143 million Americans – over half of all US adults – whose social security numbers, birth dates, addresses, and driver’s license numbers were exposed. Professionally, knowing that CIO and CSO of Equifax were retiring “effective immediately,” you wonder if your system is ready for the next attack, or if you will be next on the chopping block.

Patches Were Missed

What happened at Equifax sounds eerily familiar to the WannaCry attack, in which companies failed to apply a patch available from Microsoft months earlier. This time, the vulnerability was in the open-source web application Apache Struts CVE-2017-5638 used to create Java web applications. From mid-May to July 29, criminals exploited this vulnerability at Equifax – two months after a patch became available.

Securing application environments presents serious challenges that can leave an organization at risk for losing customer trust and financial losses. Recent surveys have shown that while 83 percent of enterprise IT executives believe application security is critical to their IT strategy, more than 93 percent of companies fail to implement basic security measures that would block criminals from bypassing authentication measures to retrieve information from databases.

How can your company protect against web app threats ranging from the injection of malicious code and hijacking authentication credentials to cross-site scripting (XSS) and hijacking cookies? Consider these security tips and features to look for:

Security Steps to Take

1. Have a consistent, tested breach response plan. Create a plan for rapid response and management of potential data breaches. Allow for different types and severity of breaches, provide an action item checklist, and review your plan regularly.

2. Review your web app login practices. Require passwords to have a minimum of 12 characters, with a mixture of uppercase and lowercase letters, numbers, and symbols. Educate end-users never to share or reuse passwords and to store them away from their computer.

3. Ensure advanced web app security. Cybercrimes are becoming more common and pernicious every day. Without an efficient web app solution, IT groups with limited personnel or lack of expertise are likely to be overwhelmed and underprepared.

Counter Tactics to Embrace

  • Real-time threat intelligence. A solution that continuously monitors and analyzes your system provides IT groups with instant detection of known threats and identification of unknown threats for faster, more accurate decision-making.
  • Automated correlation engine. It takes valuable time to piece together data from isolated security tools, multiple data sets and correlation devices. Plus, data can be outdated or incomplete. A correlation engine automatically consolidates security, authentication and network traffic logs across all systems for timely, accurate analysis and smart decision-making.
  • Vulnerability scanning. Continuous and comprehensive vulnerability scanning of servers and workstations, along with automated analysis, provides the fresh information developers need to accurately assess risk and prioritize critical, high-risk exposures that can be quickly acted upon.

Unprotected web applications are the easiest point of entry for hackers and vulnerable to threats such as the OWASP Top 10 and the one that caused the Equifax attack.

A Fortinet partner, Network Computing Architects, Inc. (NCA) can deliver all these capabilities with the collaborative, end-to-end protection of the Fortinet Security Fabric. A core component of the security fabric is the FortiWeb web application firewall, which protects against known and unknown threats. Contact us to learn more.