A phishing attack on Dropbox was identified on October 14th targeting members of it's staff. Using employee credentials, attackers gained access to one of it's GitHub accounts and stole 130 code repositories. Using emails impersonating the CircleCI continuous integration and delivery platform, employees were redirected to a phishing landing page where they were asked to enter their username and password.
Dropbox had controls in place to limit the spread of this attack. Due to extra security layers applied in order to protect sensitive data, the amount of compromise was significantly reduced. Businesses must remain attentive in enacting proper identity access management solutions to fight phishing campaigns. The Dropbox security team was able to locate, respond and shut down a threat before any code for infrastructure or core apps was acquired.
Almog Alpirion, CEO & Co-Founder of Cyolo, weighed in on the matter:
“Far too often employees fall victim to phishing attacks, placing sensitive company assets at risk of malicious threats. The important piece to recognize in this case is that systems and processes were in place to detect symptoms of a breach and allowed the afflicted organization to jump right on their investigation and notify all of those affected.
With the rise of remote work, it has become challenging for organizations to implement perimeter security systems. Often, they are attempting to determine how to safeguard employees while they are no longer physically present in the office. These types of attacks serve as a constant reminder that our identity is now the perimeter of our organization. By increasing the adoption of zero trust practices, businesses can ensure the validation of all users, limit the applications each user is entitled to, and capture a full audit trail for forensic and compliance needs.”