It has been discovered there was a problem affecting Mumsnet user logins between 2 pm on Tuesday 5 February and 9 am on Thursday 7 February. During this time, it appears that a user logging into their account at the same time as another user logged in could have had their account info switched. Mumsnet believes that a software change, as part of moving services to the cloud, that was put in place on Tuesday pm was the cause of this issue. It has been reported that up to 4,000 users have been exposed.
Commenting on the news and offering advice is Lamar Bailey, Director of Security research and development at Tripwire:
“Every change to an organisation’s infrastructure is a delicate process that needs to be planned out and carefully executed. While – depending on the cloud service model – the responsibility of maintaining the security ‘of the cloud’ is entrusted to the cloud service provider, while the security of the data ‘in the cloud’ is still the responsibility of the customer, and so is the security and effectiveness of the migration process.It makes sense for a glitch like the one experienced by Mumsnet to have happened as a consequence of a misconfiguration during the migration process, but thankfully, the breach was contained and swiftly reported.”
“The most common reason for a failure in the cloud migration process is poor planning. Organisations need to be able to allocate the necessary resources into the migration process. This could be having increased personnel, training for existing staff and taking experts’ advice on realistic budget and execution time.”
“The best way to prevent these issues happening is to prepare thoroughly for cloud migration, taking into account that the process could potentially take time and resources. Not rushing is paramount to maintaining the security of the enterprise, and sometimes it might be advisable to migrate services one by one, starting with the less critical, to ensure that the process is running smoothly. Organisations should also ensure that they have well trained and skilled personnel on the task.”
“The best way for organisations to maintain security when moving to the cloud is to have in place foundational controls, that monitor file integrity, configuration management, asset discovery, vulnerability management, and log collection. The majority of cloud breaches, however, can be traced back to misconfiguration and mismanagement of cloud-native controls, therefore it is careful planning and preparation that will ultimately protect businesses during the migration to a cloud environment.”
(7)
Article Link: http://digitalforensicsmagazine.com/blogs/?p=2679