Adobe Hacked: The Frightening Implications for Network Security
It seems barely more than a few weeks can pass without news of a major global company being targeted by cyber criminals. The latest to find a bullseye on its back is Adobe. The software company — which is responsible for some of the most widely used photo, video and graphic editing software in the world — announced that the private information of some 3 million customers had been pilfered by hackers.
Now, while Adobe insists the data was encrypted, who is to say that the perpetrators didn’t swipe the encryption key along with the rest of their spoils? Adobe has advised its customers to pay close attention to their bank and credit card accounts to spot any unauthorized activity, and to change their Adobe passwords, especially if they use the same password for multiple online accounts (something you shouldn’t do anyway!).
But there is a more worrisome issue here. Paying customers of Adobe could certainly be at risk for identity theft and financial fraud, however, individuals who have never paid the company a single dollar could also be at risk for a cyber attack. According to the company, the intruders managed to get their hands on the source code for several Adobe products, including the widely used Adobe Acrobat. Free software installed on millions upon millions of computers, from personal laptops to office desktops, could be compromised. That means that you don’t have to be a paying customer to be victimized by this latest instance of cyber crime. Hackers can alter the source code to do all manner of damage to Adobe users. Of course, Adobe has also insisted that there is no immediate threat to users of its software as a result of the source code being stolen, but several security experts question that assertion.
In this blog, we regularly talk about online and network security concerns and remote access technologies. Often, these discussions are centered on the financial repercussions suffered by the customers who have their information stolen. What this example reveals, however, is that there is even more at risk. The intellectual property of a company could be stolen and compromised, doing catastrophic damage to its users and its reputation in the industry, and wreaking financial havoc in the process.
While the details surrounding the breach of Adobe’s cyber defenses have not been fully disclosed, the story drives home one very real point: every single point of access to your company’s network must be secured, because while hackers may be unscrupulous, they certainly aren’t lazy. If you leave a door open for them, even just an inch, they will find it and snake their way inside.
Everything from state-of-the-art VPN solutions to dynamic firewalls and mobile device management (MDM) software should be employed within a comprehensive security framework as part of any company’s cyber defenses — if they are indeed serious about protecting both their intellectual property and the private information of their customers.