Breach-Weary Snowflake Strikes to MFA, 14-Character Passwords
Governance & Risk Management
,
Multi-factor & Risk-based Authentication
,
Password & Credential Management
New Safety Measures Observe Excessive-Profile Hacks of Snowflake Prospects
Cloud-based data warehousing platform Snowflake has rolled out default multifactor authentication – as well as a 14-character password minimum – to shore up security in the wake of a series of cyberattacks in June that hit high-profile customers including Santander Bank, Advance Auto Parts, the Los Angeles Unified School District and luxury retailer Neiman Marcus.
See Also: Protect Your Amazon S3 Data: Why Versioning, Replication, and AWS Backup are Not Enough
Attackers compromised the Bozeman, Montana-based firm’s third-party surroundings and used stolen credentials to steal from Snowflake buyer tenants, obtain their recordsdata and demand $5 million in trade for a promise to delete stolen information (see: Snowflake Hacking Spree Puts 165 Organizations at Risk).
The corporate on Friday announced new safety measures associated to authentication for accounts created in October, together with MFA, longer passwords and no repeat passwords.
“Multifactor authentication can be enforced by default for all human customers in any Snowflake account created in October 2024,” the corporate said, including that the adjustments will assist make sure the platform is “safer by default,” with a aim of eliminating “password-only sign-ins.”
For Snowflake service customers are suggested to they depend on OAuth token verification or key pair authentication whereas connecting to the platform from exterior sources like information visualization instruments PowerBI, dbt Labs and Tableau.
Particulars of the assaults first emerged on Might 30, after information stolen from Reside Nation Leisure’s Ticketmaster appeared on the market on the legal market BreachForums (see: Snowflake Clients Targeted With Credential Attacks).
The hacks had been blamed on credential stuffing by which attackers reuse username and password pairs stolen or in any other case obtained from different providers or information leaks. An evaluation of the assault by Google Mandiant attributed the hacks to a financially motivated menace group it tracks as UNC5537.
Snowflake launched some safety features in July to strengthen using multifactor authentication, together with giving directors the flexibility to mandate that every one of their Snowflake account consumer should make use of robust authentication and the discharge of free-to-use instruments that enable directors to trace credential theft, overprivileged accounts and “stale customers” that not require entry to the service (see: After Customers Get Breached, Snowflake Refines Security).
Snowflake didn’t instantly reply to a request for remark. The corporate on Friday stated its current efforts align with the Cybersecurity and Infrastructure Safety Company’s Safe By Design Pledge, which calls on cloud providers, on-premises software program and different software program producers to design merchandise with higher built-in safety.