In August, a sweeping phishing campaign, referred to as Oktapus, targeted customer engagement platform Twilio and content delivery network Cloudflare. Though the attackers leveraged relatively low-skilled methods to achieve their aims, the social engineering attack had far-reaching consequences that affected more than 130 other organizations. The cyberattackers were able to net nearly 10,000 sets of Okta credentials, enabling them to spread their attack downstream to many more customers.
This breach calls into question the efficacy of current identity and access management (IAM) strategies. What questions should IT leaders be asking themselves to protect their organizations from a similar attack? Three cybersecurity experts weigh in on the Twilio breach and what it means for cybersecurity going forward in the following five questions.
1. How is the identity attack surface growing?
Identity as an attack surface is growing in popularity. Threat actors are looking for ways to harvest credentials that will grant them widespread access to networks. With the increasingly interconnected nature of the technology vendor ecosystem, even minor identity exposure can have a ripple effect….
