Okta data breach


It’s another day and unfortunately another news story of a ransomware group stealing an organisation’s data, with Okta now the possible latest victim. Lapsus$ posted on their Telegram that they had stolen customer data and had acquired “superuser/admin” access. This is extremely worrying, as the data breach has the potential to cause long-term damage to customers and employees alike.

It has also been reported that the alleged breach by Lapsus$ may have occurred months ago, which is another troubling development as pieces of malware would have been lying dormant for months before the data was stolen. It is a nasty position for any organisation to be in and Okta’s security teams will inevitably be working around the clock to try and solve the problem and detect the source of the breach.

Unfortunately, the ‘assume breach’ mindset is no longer a safe way to deal with cyberattacks. Endpoint detection and response (EDR) needs malware to execute before it can be picked up as malicious, by which point a threat actor could have been in the network for days, weeks or months. With some of the fastest ransomware now encrypting within 15 seconds of being executed, organisations need to look towards prevention-first solutions.

Technologies such as deep learning, a subset of AI, are able to stop malware before data can be stolen. Deep learning delivers a sub-20 millisecond response time, stopping a cyberattack before it can execute and take hold of an organisation’s network. The independent ‘thinking’ of deep learning also results in the solution being able to stop unknown and zero-day threats. Organisations that implement solutions such as deep learning will no longer have to be scared of what cyberattacks are lurking in the shadows of their network. Instead, security teams will be tackling malware straight away, before the cyberattacks have the chance to get comfortable in an organisation’s network.