Today I am studying for the Microsoft Certified: Azure Data Engineer Associate exam. And currently I’m going through some dry stuff on database security. Today I also read this article on Krebs on Security about the LAPSUS$ hackers who stole lots of source code. Private chat messages of this hacker collective got out in the open recently and it is telling how they look at their targets.
Learning about security matters would be so much better if we connected these two worlds. Like: “See how the LAPSUS$ hackers are amazed that a 5-year-old stolen access token still gives them access to Globant’s network? That’s why you should not set the lifetime of an Azure access token too high. You can check that <here>”.
“And see how they got away with downloading 200 GB of Samsung’s source code, or 30,000 repositories (multiple times)? That clearly is not normal behaviour from employees. You should set some rules on that, so that an alert goes off when it happens”.
So often people go through the motions of security measures, like they are in an episode of Severance. “We don’t know why we have to set a password lifetime of 60 days. We just have to”. When you know what you’re up against, you will be much more alert and willing to learn how to stop these hackers.