- Impact: The breach affected numerous organizations worldwide:In Nova Scotia, up to 100,000 present and past employees were impacted. In the United Kingdom, organizations like the BBC, British Airways, Boots, Aer Lingus, and payroll service Zellis were breached. Ernst & Young, Transport for London, and Ofcom were also affected. The United States Department of Energy and other U.S. government organizations were hit.Overall, more than 2,500 organizations were impacted, with over 80% of them being U.S.-based1.
- Cost Estimation: According to IBM, data breaches cost an average of $165 USD per record. Based on the number of individuals impacted, the estimated cost of the MOVEit incident is approximately $15,665,822,2052.
Point-to-point (P2P) connections play a crucial role in securing databases from attacks like the Moveit breach. In incidents like the Georgia breach, vulnerabilities in widely used protocols such as HTTP/HTTPS were exploited, as in the case of CVE-2023-34362. This weakness enabled attackers to compromise data integrity and confidentiality. Point-to-point technology addresses these vulnerabilities by creating direct, secure communication links between devices or servers decoupling databases from the public internet, thus mitigating risks associated with HTTP/HTTPS-based injected attacks.
Point-to-point connections offer a robust method to enhance database security and mitigate the risks associated with cyberattacks like the Moveit breach, as seen in incidents like the one affecting the University System of Georgia, where sensitive information was exposed. This approach creates direct, secure communication channels between devices or servers, effectively reducing the attack surface and minimizing potential vulnerabilities. Here’s a deeper dive into why point-to-point connections are useful in protecting databases from these kinds of threats:
Eliminating HTTP/HTTPS Weaknesses
The CVE-2023-34362 vulnerability, exploited during the Moveit attacks, underscores the risks inherent in exposing databases and applications to the public internet and protocols. Although HTTPS adds a layer of encryption, it’s still susceptible to various attacks, such as man-in-the-middle, session hijacking, or certain zero-day vulnerabilities. Point-to-point connections eliminate these risks by bypassing HTTP/HTTPS entirely, using custom protocols with strong encryption and authentication methods. This direct approach significantly reduces the potential for exploitation via these common web protocols.
Direct Connections Reduce Attack Surface
In a typical HTTP/HTTPS setup, data travels through multiple intermediate points—each of which represents a potential vulnerability. This complexity can be exploited, leading to data breaches or unauthorized access. By establishing point-to-point connections, data is transmitted directly between two secure endpoints, reducing the number of hops and minimizing the attack surface. This simplified communication route limits the opportunity for hackers to intercept or tamper with data, significantly enhancing security.
Enhanced Data Security with Custom Protocols
Point-to-point technology often relies on custom communication protocols tailored to specific security requirements. This customization allows for robust encryption and stringent authentication mechanisms, reducing the risk of exploitation. The encrypted direct link between endpoints ensures that even if a malicious actor intercepts the data, it remains incomprehensible without the appropriate decryption keys. This higher level of encryption, beyond standard HTTPS, makes it exceptionally difficult for attackers to compromise data integrity.
Isolating Critical Systems from External Threats
One significant advantage of point-to-point connections is the ability to isolate critical systems from broader network threats. By avoiding reliance on HTTP/HTTPS protocols, organizations can establish secure, private communication channels that are not accessible to external actors. This isolation helps prevent attacks like those exploiting CVE-2023-34362, where vulnerabilities in HTTP-based software lead to data breaches.
Decreasing Third-Party Dependencies
The Moveit attack demonstrated the risks of third-party vulnerabilities. Point-to-point technology, by creating direct communication links, reduces or eliminates the need for third-party services that use HTTP/HTTPS protocols. By embedding this technology into the server, organizations gain greater control over their security infrastructure, reducing the risk of external vulnerabilities impacting their databases.
Streamlined Security and Compliance
Point-to-point connections also offer benefits in terms of compliance and regulatory requirements. By reducing the exposure to HTTP/HTTPS vulnerabilities, organizations can more easily meet stringent security standards. This streamlined approach can simplify compliance with regulations like GDPR, HIPAA, and others that demand robust data protection.
Conclusion
We specialise in Point-to-point connections providing a powerful solution for protecting databases from attacks like those exploiting CVE-2023-34362. By removing the weaknesses associated with HTTP/HTTPS, point-to-point encrypted direct connections offers enhanced security, reduced attack surfaces, and a significant decrease in third-party dependencies, this however is not enough, in order to identify anomaly files, our fingerprinting technology is a must in protecting assets with alien code disguised as legitimate code i.e. non approved production code over secure or insecure connections. Organizations adopting our approach can expect decreased costs, costs associated with risks, and data breach costs with a technology that can ensure robust data protection and safeguard against emerging threats in the cybersecurity landscape.
Don’t hesitate to contact us for a demo on direct connections and their ability to decrease the attack surface, which will translate to significant cost savings.