
Weekend Reading - 02/02/2024 - Cloudflare Hacked - Long Read


dips
  • Veeam Legend
  • 808 comments

With the daily news of ransomware and organisations getting hacked, a big one this week was Cloudflare getting hacked. A long read I recommend reading is the blog entry they published:

Summary:

 

In November 2023, Cloudflare experienced a security breach. A threat actor gained access to their internal systems using stolen credentials. The attacker explored various resources, including the wiki, bug database, and source code repositories. Cloudflare promptly detected and blocked the intruder, conducted an investigation, and implemented security measures. Fortunately, no customer data or systems were compromised during this incident.

9 comments

coolsport00
  • Veeam Legend
  • 4139 comments
  • February 2, 2024

@dips - like I need any more tech reading...on the weekends, no less 😏😁


Chris.Childerhose
  • Veeam Legend, Veeam Vanguard
  • 8492 comments
  • February 2, 2024

It is funny you posted about this as I used Cloudflare with my blog then when I moved hosting providers end of 2023 I actually stopped using them altogether.  Just could not justify the cost of that on top of my hosting costs.  The new hosting provider provides stuff like Cloudflare, and my site is very quick and secure now.


dips
  • Author
  • Veeam Legend
  • 808 comments
  • February 2, 2024
coolsport00 wrote:

@dips - like I need any more tech reading...on the weekends, no less 😏😁

No such thing as weekends when in IT @coolsport00 😂


coolsport00
  • Veeam Legend
  • 4139 comments
  • February 2, 2024
dips wrote:
coolsport00 wrote:

@dips - like I need any more tech reading...on the weekends, no less 😏😁

No such thing as weekends when in IT @coolsport00 😂

For you, maybe Dipen 😁 I try to enjoy my weekend! Life’s too short! 🙂 (except when I have to work..hahaha)


dips
  • Author
  • Veeam Legend
  • 808 comments
  • February 2, 2024
Chris.Childerhose wrote:

It is funny you posted about this as I used Cloudflare with my blog then when I moved hosting providers end of 2023 I actually stopped using them altogether.  Just could not justify the cost of that on top of my hosting costs.  The new hosting provider provides stuff like Cloudflare, and my site is very quick and secure now.

Yep, I agree, most providers now include it. No point having an additional cost.


dips
  • Author
  • Veeam Legend
  • 808 comments
  • February 2, 2024
coolsport00 wrote:
dips wrote:
coolsport00 wrote:

@dips - like I need any more tech reading...on the weekends, no less 😏😁

No such thing as weekends when in IT @coolsport00 😂

For you, maybe Dipen 😁 I try to enjoy my weekend! Life’s too short! 🙂 (except when I have to work..hahaha)

That I can agree with. Got to make the most of the weekend!


vAdmin
  • Influencer
  • 168 comments
  • February 4, 2024
dips wrote:
coolsport00 wrote:

@dips - like I need any more tech reading...on the weekends, no less 😏😁

No such thing as weekends when in IT @coolsport00 😂

Especially in the Cybersecurity world, the attackers don’t sleep 😴


coolsport00
  • Veeam Legend
  • 4139 comments
  • February 4, 2024

Truth!


Geoff Burke
  • Veeam Legend, Veeam Vanguard
  • 1318 comments
  • February 4, 2024

A few very interesting and critical points. Two key elements here are firstly they built their environment based on the Zero Trust Framework, most critically segmentation and strict user access controls, and secondly they had a security team and it was alerted and took action. 

One thing I will even quote because of its importance: “The 76 source code repositories were almost all related to how backups work, how the global network is configured and managed, how identity works at Cloudflare, remote access, and our use of Terraform and Kubernetes.”

So they wanted to know about backups, identity and were looking for automation “Terraform and Kubernetes”.

One of Zero Trust’s most important tenets, which I see often ignored unfortunately, is Assume Breach. If you assume that you will be breached then your outlook on the way you build your environment changes drastically. Keeping in mind, as was stated in the article, the bad guys get in and then sit, probe, take breaks and study the environment; they might go unnoticed for a long time, which allows them to do a lot of damage.

Equally important is that many companies don’t have security teams; the backup admins are being given this role but lack the expertise and the time to perform that role.

So picture this same incident in a company with no security team and no zero trust. This is why the 3-2-1 rule with immutability is so important. The offsites have to be immutable as well, since local immutability can be defeated by chattr -i if the bad guys are able to break into your local storage.
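A defender-side check for the point in the last comment about the immutable attribute being cleared with chattr -i: this added example (not part of the thread and not Veeam tooling) reads lsattr-style output and lists the files whose immutable flag is missing. The sample listing and file names are constructed, and REPO_DIR is an assumed variable.

```shell
#!/bin/sh
# Added example: report files in a backup repository that lack the
# immutable (i) attribute, based on lsattr-style "<flags> <path>" lines.

# Read lsattr output on stdin; print the path of every file whose
# flag field does not contain 'i'.
missing_immutable() {
    while IFS= read -r line; do
        [ -n "$line" ] || continue          # blank separator lines
        case "$line" in
            *:) continue ;;                 # "dir:" headers from lsattr -R
        esac
        flags=${line%% *}                   # text before the first space
        path=${line#* }                     # everything after it (may hold spaces)
        case "$flags" in
            *i*) ;;                         # immutable flag present
            *)   printf '%s\n' "$path" ;;   # flag missing: report it
        esac
    done
}

# Constructed sample listing (not taken from a real system): the middle
# file has lost its immutable flag.
SAMPLE_LSATTR='----i---------e------- /backups/job1/full-2024-01-28.vbk
--------------e------- /backups/job1/incr-2024-01-29.vib
----i---------e------- /backups/job1/incr-2024-01-30.vib'

# Run the check over the constructed sample.
audit_sample() {
    printf '%s\n' "$SAMPLE_LSATTR" | missing_immutable
}

# On a real repository (REPO_DIR is an assumed variable):
#   lsattr -R "$REPO_DIR" 2>/dev/null | missing_immutable
```

Which files are expected to carry the flag depends on the repository's retention policy, so compare the output against that expectation rather than treating every listed file as tampered with.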

 

