Semperis commentary on ADT cyber attack
October 2024 by Daniel Lattimer, Vice President, Semperis
The commentary on the ADT cyber attack from Dan Lattimer, Vice President, Semperis
Let’s not lose sight of the fact that threat actors are first and foremost criminals and many run enterprises that generate tens of millions of dollars annually. Their singular goal is revenue generation and their criminal enterprises prey indiscriminately on all companies. They are also persistent, and that appears to be one of the issues facing many organisations in staving off cyberthreats.
For ADT and other global organisations, there is no option other than having an assumed breach mindset. Today, there’s no silver bullet that will solve the cybersecurity challenges facing most organisations. I recommend companies identify the critical services that are “single points of failure” for the business. If critical services go down, the business stops. Have a plan for “what to do if.” This doesn’t have to be perfect but think now about what to do if email goes away, point of sale systems go down or a customer portal or CRM tool gets locked. And practice makes perfect (or at least better) so organisations should test their plans during peacetime.
And keep in mind that identity systems such as Active Directory and Entra ID are targeted in more than 80 percent of attacks, making it imperative that organisations have real time visibility to changes to elevated network accounts and groups.