Stolen source code is a scary prospect for organisations, and unfortunately, it opens the door for potential further cyberattacks on the business and its customers. The Lapsus$ data extortion group stole 190GB of data which apparently contains ‘confidential Samsung source code’, including code relating to the operation of Galaxy devices, algorithms for all biometric unlock operations, and technology used for authorising and authenticating Samsung accounts. Threat actors who gain access to source code may be able to find the security vulnerabilities within the organisation’s product. This means that cyber criminals are then able exploit weaknesses within the network which are unknown to the organisation.
Although Lapsus$ teased their followers about the leak, the group is yet to release all the data. It is not uncommon for stolen data to be bought and sold by cyber criminals on the dark web. Once multiple threat actors have their hands on an organisation’s security details and weaknesses, then unfortunately, they are more likely to be targeted. Only one cyberattack has to be successful in order to cause significant and irreversible damage to an organisation, therefore businesses must ensure that they have a cybersecurity solution which can stop the possibility of source code being stolen.
Endpoint detection and response (EDR) is no longer enough, with the solution needing malware to execute before it can be picked up as malicious. With some of the fastest ransomware now encrypting within 15 seconds of being executed, organisations need to look towards prevention-first solutions.
Technologies, such as deep learning – a subset of AI, are able to stop malware before data can be stolen. Deep learning delivers a sub-20 millisecond response time to stopping a cyberattack before it can execute and take hold of an organisation’s network. If organisations were to implement solutions, such as deep learning, users on the dark web will be seeing less and less ‘bargain deals’ for an organisation’s sensitive data.