Cybersecurity and the Dell Attack

All is relatively well here at Woesnotgone Meadow, where everyone has above average bandwidth.

In the Meadow, most people have a computer. The models vary per the manufacturer and what the residents want the systems to do. The computers are used for menial tasks on up to coding. A portion of the Meadow uses the Dell systems. This may be due to the person having an account at Dell. For this, this just makes sense to purchase there due to the ease. Although this is easier for the client, recently there was an issue with Dell.

Breach

This took place on November 9, 2018. There was unauthorized access attempted to Dell.com, Premier, Global Portal, and support.dell.com. This, fortunately, was detected on the same day when the Admins noted the unusual activity.

The attacker’s focus was on the customer’s information and data. This included the customer’s name, email address, and hashed passwords. The hashed passwords appear to be a great idea. The issue, however, is Dell did not detail the hashing algorithm. In theory, this could be very weak, which could make the security aspect moot.

In this case, the data was possibly exfiltrated. On its own, the data was very marketable. Curiously with this attack, they did not focus on the payment card data, or other private customer data. Dell was not aware of how the compromise was done. This may have been a case of credential stuffing. The compromise did not affect their operations.

Client’s Affected

As of the end of November 2018, Dell was still investigating the issue. Dell has refused to provide an estimate for the number of clients affected.

Remediation

Dell initiated a password reset for the customer accounts on November 14, 2018. They also notified law enforcement and contracted with a digital forensics business to investigate the compromise.

Thanks for visiting Woesnotgone Meadow, where the encryption is strong, and the O/Ss are always using the latest version.

Resources

Cimpanu, c. (2018, November 28). Dell announces security reach. Retrieved from https://www.zdnet.com/article/dell-announces-security-breach/

Cluley, G. (2018, November 29). Dell suffers security breach, reset customer passwords (but didn’t tell customers why until now). Retrieved from https://www.grahamcluley.com/dell-suffers-security-breach-resets-customer-passwords/

Fossbytes. (2018, November 29). Dell.com breached: Hackers tried to steal customer data. Retrieved from https://fossbytes.comdell-says-a-security-breach-to-steal-customer-data-was-attempted

KFOR-TV, & Query, K. (2018, November 28). Dell warns customers about ‘potential cybersecurity incident’. Retrieved from https://kfor.com/2018/11/28/dell-warns-customers-about-potential-cybersecurity-incident/

Kumar, M. (2018, November 28). Dell resets all customer’s passwords after potential security breach. Retrieved from https://thehackernews.com/2018/11/dell-data-breach-hacking.html

Media Relations. (2018, November 28). Dell announces potential cybersecurity incident. Retrieved from https://www.dell.com/learn/us/en/uscorp1/press-releases/2018-11-28-customer-update

Nichols, S. (2018, November 28). What the dell? Customer passwords reset after miscreants break into big mike’s IT emporium. Retrieved from https://www.theregister.co.uk/2018/11/28/dell_resets_passwords_hack_alert/

O’Donnell, L. (2018, November 28). Dell warns of attempted breach on network. Retrieved from https://threatpost.com/dell-warns-of-attempted-breach-on-network/1394641

RTT News. (2018, November 28). Dell announces security breach. Retrieved from https://www.nasdaq.com/article/dell-announces-security-breach-20181128-01275

Winder, D. (2018, N0vember 29). Dell admits to hackers may have stolen customer data. Retrieved from https://www.forbes.com/sites/daveywinder/2018/11/29/dell-admits-hackers-may-have-stolen-customer-data/#412f3fac215c

About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.