1 / 3

Fortinet Mid-September Data Breach Advisory

<br>We would like to advise our customers to follow these steps. Please note that the breach appears to be a fortinet corporate data breach through shared file servers and does not impact the products that our customers are using. 1 (978)-923-0040 <br>

Download Presentation

Fortinet Mid-September Data Breach Advisory

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Fortinet Mid-September Data Breach Advisory Overview Overview Let’s first review the breach as published in many online sources. Here is the summary of what happened. 1. An individual gained unauthorized access to a limited number of files stored on Fortinet’s instance of a third-party cloud-based shared file drive SharePoint.

  2. 2. The files consist of employee resources, financial reports, HR documents from India, product offerings, US sales reports, professional services, marketing strategies, and customer information. 3. The attackers claimed to have tried to unsuccessfully negotiate with Fortinet and as a result released these data. 4. Fortinet did not seem to comment on negotiation with attackers. 5. The attacker is alleged to be Ukraine based To To our our customers customers With abundance of caution, we would like to advise our customers to follow these steps. Please note that the breach appears to be a Fortinet corporate data breach through shared file servers and does not impact the products that our customers are using. 1. Keep monitoring your domain and emails on Dark web. Using Seceon’s aiSecurity Score 360 is a terrific way to accomplish this. 2. Change the password for all users who are accessing Fortinet ASAP including VPN users. Do not limit yourself to the administration users and users with configuration change privileges. 3. Address any alerts which are raised in your environment as fast as possible but no more than 1 hour from the report. Please pay special attention to alerts where any of your Fortinet devices are involved. 4. We urge you all to have a good balance of leaning towards security risk and operational inconvenience. Based on this, please set up auto- remediation and playbooks to contain threats in near real-time. 5. Please ensure that any outbound facing public IP of the Fortinet devices are configured as your infrastructure IP. This ensures that these devices are monitored for potential security threats. 6. Please follow Fortinet provided risk mitigation plans as applicable for you. Normal Normal hygiene hygiene that that everyone everyone must must follow follow

  3. 1. MFA for all the access. Tokens that are used exclusively for a specific purpose should have additional security such as the allow-listing of the IP that the token will come from. 2. Provide your users “Need to know” based access. This is important to ensure that unauthorized access is denied at the outset itself and thus preventing such large unfavorable news stories about your company. 3. Utilize Machine Learning and AI based solutions like Seceon which will learn from the environment about legitimate use and immediately detect with opportunities to instantly prevent unauthorized use. We urge our customers and all readers to follow basic hygiene and employ a comprehensive security platform like Seceon’s aiXDR with PMaX instead of many disparate point solutions. This will help you stay ahead of the attackers and help improve your abilities to thwart the attacks more effectively. Address - 238 Littleton Road Suite #206 Westford, MA 01886 Email Id - sales@seceon.com Phone No- +1 (978)-923-0040 Website - https://www.seceon.com/

More Related