It's hard to believe what netzwoche reported on 11 September 2023: A master key from a crash dump was stolen directly from a Microsoft lab in the USA. The hackers from the Chinese Storm-0558 group used this Azure Cloud Signing Key for the Azure Active Directory to attack 25 organisations, including the US government, from May 2023. They captured around 60,000 emails from ten accounts and extensive email address lists of the US authorities.
This hack can happen to all software manufacturers worldwide in the same way. It is a fundamental IT security and data protection risk when customers upload their IT diagnostic data to a manufacturer's support centre as part of problem management. This is because most dumps, logs and traces are gigabytes in size and contain keys, passwords, user IDs, IP addresses, bank and company secrets or even personal data. This sensitive data is freely accessible to the manufacturer and its support staff and developers. Nobody really knows exactly what happens to IT diagnostic data, who accesses it, when it is deleted and what "special utilisation" takes place. If employees' accounts are then compromised by external hackers, they also have direct access to the sensitive data. This is what happened in the Microsoft case.
For the IT audit, this security and data protection gap means a new audit topic for the next audit of IT operations. The aim is to prevent damage to the company. After all, IT diagnostic files are in need of protection. The large volumes of sensitive data should be anonymised before being uploaded to the manufacturer, for example.
This presentation sheds light on the new audit topic of IT diagnostic data for IT audits and IT auditing and provides specific information on the relevant issues in the audit catalogues.
Dr Stephen Fedtke is Chief Technology Officer (CTO) of ENTERPRISE-IT-SECURITY.COM, a service division of the Swiss company Dr Stephen Fedtke System Software, based in Zug, specialising in IT security and compliance solutions.
As co-founder of this IT solution provider, he has been responsible for the development and implementation of highly innovative and reliable technologies for 20 years. Dr Stephen Fedtke is an industrial engineer specialising in electrical engineering. He is the author and editor of numerous specialised books in the field of information technology published by Springer Vieweg Verlag.
Event Date | 09. Apr 2024 16:40 |
Event End Date | 09. Apr 2024 17:40 |
Capacity | Unlimited |
Individual Price | free |
Sprache / Language | Deutsch |
CPE Hours | 1 |
Location | Hybrid Event - Detecon (Schweiz), Zurich AG |