Weekend Reading - 02/02/2024 - Cloudflare Hacked - Long Read

  • 2 February 2024

Userlevel 7
Badge +7
  • Veeam Legend

With the daily news of ransomware and organisations getting hacked, a big one this week was Cloudflare getting hacked. A long read I recommend is the blog entry they published:

Summary:

In November 2023, Cloudflare experienced a security breach. A threat actor gained access to their internal systems using stolen credentials. The attacker explored various resources, including the wiki, bug database, and source code repositories. Cloudflare promptly detected and blocked the intruder, conducted an investigation, and implemented security measures. Fortunately, no customer data or systems were compromised during this incident.


9 comments

Userlevel 7
Badge +17

@dips - like I need any more tech reading...on the weekends, no less 😏😁

Userlevel 7
Badge +20

It is funny you posted about this, as I used Cloudflare with my blog, then when I moved hosting providers at the end of 2023 I actually stopped using them altogether. I just could not justify the cost of that on top of my hosting costs. The new hosting provider provides stuff like Cloudflare, and my site is very quick and secure now.

Userlevel 7
Badge +7

@dips - like I need any more tech reading...on the weekends, no less 😏😁

No such thing as weekends when in IT @coolsport00 😂

Userlevel 7
Badge +17

@dips - like I need any more tech reading...on the weekends, no less 😏😁

No such thing as weekends when in IT @coolsport00 😂

For you, maybe, Dipen 😁 I try to enjoy my weekend! Life’s too short! 🙂 (except when I have to work... hahaha)

Userlevel 7
Badge +7

It is funny you posted about this, as I used Cloudflare with my blog, then when I moved hosting providers at the end of 2023 I actually stopped using them altogether. I just could not justify the cost of that on top of my hosting costs. The new hosting provider provides stuff like Cloudflare, and my site is very quick and secure now.

Yep, I agree, most providers now include it. No point having an additional cost.

Userlevel 7
Badge +7

@dips - like I need any more tech reading...on the weekends, no less 😏😁

No such thing as weekends when in IT @coolsport00 😂

For you, maybe, Dipen 😁 I try to enjoy my weekend! Life’s too short! 🙂 (except when I have to work... hahaha)

That I can agree with. Got to make the most of the weekend!

Userlevel 7
Badge +2

@dips - like I need any more tech reading...on the weekends, no less 😏😁

No such thing as weekends when in IT @coolsport00 😂

Especially in the cybersecurity world, the attackers don’t sleep 😴

Userlevel 7
Badge +17

Truth!

Userlevel 7
Badge +22

A few very interesting and critical points. Two key elements here: firstly, they built their environment on the Zero Trust framework, most critically segmentation and strict user access controls; and secondly, they had a security team, and it was alerted and took action.

One thing I will even quote because of its importance: “The 76 source code repositories were almost all related to how backups work, how the global network is configured and managed, how identity works at Cloudflare, remote access, and our use of Terraform and Kubernetes.”

So they wanted to know about backups and identity, and were looking for automation (“Terraform and Kubernetes”).

One of Zero Trust’s most important tenets, which unfortunately I often see ignored, is Assume Breach. If you assume that you will be breached, then your outlook on the way you build your environment changes drastically. Keep in mind, as was stated in the article, that the bad guys get in and then sit, probe, take breaks and study the environment; they might go unnoticed for a long time, which allows them to do a lot of damage.

Equally important: many companies don’t have security teams; the backup admins are being given this role but lack the expertise and the time to perform it.

So picture this same incident in a company with no security team and no Zero Trust. This is why the 3-2-1 rule with immutability is so important. The offsites have to be immutable as well, since local immutability can be defeated by chattr -i if the bad guys are able to break into your local storage.
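The warning in the comment above about chattr -i is one a practitioner can act on: if an attacker with root on the repository host strips the immutable bit, that command line is exactly what an execve audit rule records, and the security team the comment describes needs to see it. The following is an added example, not code from the thread, from Cloudflare or from Veeam. It assumes the repository host runs auditd with an execve rule (the rule in the docstring is an assumption, as are the sample records and their serial numbers, which are constructed), and it flags the forms of chattr that clear the i attribute: -i, folded options such as -Ri, an = mode that omits i, and paths that auditd hex-encodes because they contain spaces.

```python
"""Flag auditd EXECVE records in which chattr would clear the immutable bit.

Added example for this thread; assumes (not stated by any poster) that the
backup repository host runs auditd with an execve rule such as
  -a always,exit -F arch=b64 -S execve -k backup_repo
so every chattr invocation is logged as a type=EXECVE record.
"""
import re
from os.path import basename

# One aN=VALUE field of an EXECVE record. auditd writes printable arguments
# double-quoted and hex-encodes the rest (spaces, quotes, control bytes);
# very long arguments are split into chunks aN[0]=..., aN[1]=...
_ARG_RE = re.compile(r'\ba(\d+)(?:\[(\d+)\])?=("[^"]*"|[0-9A-Fa-f]+)')
_SERIAL_RE = re.compile(r'msg=audit\([\d.]+:(\d+)\)')
_CHATTR_SWITCHES = set('RVf')      # chattr's own flags, not file attributes


def decode_execve_argv(record: str) -> list[str]:
    """Return argv of an auditd EXECVE line, decoding hex and joining chunks."""
    if 'type=EXECVE' not in record:
        return []
    pieces = {}
    for idx, chunk, raw in _ARG_RE.findall(record):
        text = raw[1:-1] if raw.startswith('"') else bytes.fromhex(raw).decode('utf-8', 'replace')
        pieces[(int(idx), int(chunk or 0))] = text
    argv = {}
    for (idx, _chunk), text in sorted(pieces.items()):
        argv[idx] = argv.get(idx, '') + text
    return [argv[i] for i in sorted(argv)]


def strips_immutable(argv: list[str]) -> list[str]:
    """Paths whose 'i' attribute this chattr command line would clear.

    chattr clears 'i' with a '-' mode listing it (-i, -ia, -Ri) and also with
    an '=' mode that omits it ('=a', or a bare '='), so both forms are caught.
    """
    if not argv or basename(argv[0]) != 'chattr':
        return []
    clears, targets = False, []
    args = iter(argv[1:])
    for tok in args:
        if tok in ('-v', '-p'):          # -v VERSION / -p PROJECT take a value
            next(args, None)
        elif tok.startswith('-'):
            if 'i' in set(tok[1:]) - _CHATTR_SWITCHES:
                clears = True
        elif tok.startswith('='):
            if 'i' not in tok[1:]:
                clears = True
        elif not tok.startswith('+'):
            targets.append(tok)
    return targets if clears else []


def find_immutable_strips(audit_lines):
    """Scan audit lines; return one dict per chattr run that clears 'i'."""
    hits = []
    for line in audit_lines:
        argv = decode_execve_argv(line)
        targets = strips_immutable(argv)
        if targets:
            m = _SERIAL_RE.search(line)
            hits.append({'serial': m.group(1) if m else None,
                         'argv': argv, 'targets': targets})
    return hits


# Constructed sample records (not real logs); serials are made up.
SAMPLE_AUDIT_LOG = [
    'type=EXECVE msg=audit(1706832000.101:4101): argc=2 a0="lsattr" a1="/backups/repo"',
    'type=EXECVE msg=audit(1706832001.102:4102): argc=3 a0="chattr" a1="+i" a2="/backups/repo/job1.vbk"',
    # path contains a space, so auditd hex-encodes it: "/backups/repo/job 1.vbk"
    'type=EXECVE msg=audit(1706832500.103:4103): argc=3 a0="/usr/bin/chattr" a1="-i" '
    'a2=2F6261636B7570732F7265706F2F6A6F6220312E76626B',
    'type=EXECVE msg=audit(1706832501.104:4104): argc=3 a0="chattr" a1="-Ri" a2="/backups/repo"',
    'type=EXECVE msg=audit(1706832502.105:4105): argc=3 a0="chattr" a1="=a" a2="/backups/repo/job2.vbk"',
    'type=SYSCALL msg=audit(1706832502.105:4105): arch=c000003e syscall=59 success=yes exit=0 comm="chattr"',
]

if __name__ == '__main__':
    for hit in find_immutable_strips(SAMPLE_AUDIT_LOG):
        print(hit['serial'], ' '.join(hit['argv']), '->', hit['targets'])
```

Run stand-alone it prints the three flagged records; the lsattr call, the chattr +i issued by the backup job and the SYSCALL record are ignored. This only catches the strip after the fact, which is the comment's point: it gives the security team a signal, not protection, and the offsite copy still has to be immutable in a way the repository host cannot undo.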
