Uber app

Uber has been hacked! What does this mean for your business?

Last week, mobility giant Uber had to turn off many of its internal systems, including Slack and Google Cloud, due to a serious cyber breach.

Fb Logo Uk Wheel Rgb 200Px
Bob Armstrong
21 September, 2022

We need to get serious about cybersecurity.

Last week, mobility giant Uber had to turn off many of its internal systems, including Slack and Google Cloud, due to a serious cyber breach. This acts as a stark reminder that even companies with dedicated security teams need to re-examine their approach to cybersecurity.

Social engineering believed to be behind the Uber attack

It’s believed the hacker, aged just 18, used social engineering to access much of the company’s IT infrastructure, including Slack workspaces, its anti-virus software, AWS console, virtual server console—and even Uber’s own bug bounty service, where he bragged in all-caps: “UBER HAS BEEN HACKED.”

The hacker is thought to be affiliated with the group that hacked Rockstar Games, Nvidia, Okta, and Microsoft. And it’s believed they told security researchers exactly how they managed to carry out the attack: By stealing an employee’s password then getting approval for fake multi-factor authentication (MFA) notifications.

And while Uber says things are now back to normal, there’s no doubt they’ve been spooked! In fact, they're currently recruiting for several security engineer positions...

Hackers often exploit individuals rather than systems

Hackers often exploit weaknesses in multi-factor authentication by targeting individuals, rather than looking for security flaws in what are often highly audited systems.

The UK Government website reports that almost 4 out of 10 companies experienced cyber security breaches in 2021, and these attacks can wield significant damage, both financially and reputationally.

The fix? Cyber Security awareness

As Tom Huckle, director of security and compliance EMEA at cybersecurity form Blue Voyant notes:

“The best way to combat threats is to continuously review the threats against a business, adapt to them, and promote a culture of awareness and healthy skepticism amongst staff.”

Security awareness training can help your staff understand threats, company policies, and the role each employee plays in keeping your business safe.

Can we help?

For the past 12 years in a row, we’ve been named as one of the Top 20 IT Training Companies in the World. We offer more than 2,000 accelerated IT courses, including CompTIA Security+, BCS CISMP, and EC-Council Certified Ethical Hacker (CEH).

Could one of them be right for you or your team? Find out how you can save on group training with Firebrand Passport.