This past week, we saw many reports about the Evernote breach. This serves as a timely reminder about the risks to data -- in this case 50 million users’ credentials. The good news is that it seems Evernote took the right steps to protect that data – using salted hashes. If this was performed correctly, then users should not be concerned about their passwords being compromised. And for good measure, Evernote took the right steps to reset everyone’s password too. The attack took place on Feb 28, and the company notified users relatively quickly -- a couple of days later -- not bad, really. So best practices prevailed, despite the attack.
What’s intriguing about this attack is how it actually happened and what the downstream side effects may be. In the cloud, an attack can topple many systems like dominoes. But if Evernote was following best practices, as it seems, how did the attackers get in? Very likely there was a Java or zero day exploit leading to system penetration. Maybe an insider opened a malicious email from spear phishing. We may never know. But once again it shows that what was once considered an impenetrable barrier -- the enterprise perimeter – is really now just a semi-permeable membrane that is only as strong as the weakest link.
And amid frenzied patches for Java, Windows, and a myriad of enterprise tools, weak security links abound. So with attacks to data being relatively easy –a new attack vector can be purchased from a malware cloud provider -- the question then becomes: How do cloud services and applications protect your assets – your sensitive data – as they are sitting pretty behind that semi-permeable membrane we call the perimeter?