Press Release

Press Coverage for Kevin Novak, Managing Director, Cybersecurity, Breakwater Solutions

3/24/2022

CPO Magazine

“Hacking Group Claims It Compromised Authentication Services Provider Okta; Causing Widespread Concern Over Security Breach”

Though it is not clear if Okta has accurately represented the security breach, its authentication services clients should certainly hope that it has given that LAPSUS$ issued a statement saying that it is “only” focusing on Okta clients at the moment.  Kevin Novak, Managing Director for Breakwater Solutions , notes that this puts these companies in a difficult position: “Of major concern to all is: “what then?”  If the Okta environment is compromised, companies can’t simply flip a switch and authenticate/authorize on a different platform.  These are embedded platforms that require time to swap … While some have made conjectures about whether this hack contributed to another breach here or there, it would seem that a full compromise of Oktas backend would have become far more obvious by now, but we’ll see more over the next few months.”

3/22/2022

Channel Futures

“Lapsus$ Hacking Group Reportedly Hits Microsoft, Okta”

Kevin Novak is managing director at Breakwater Solutions. He said if the compromise involved a successful assault on client information, such as client credentialing, key materials or source code pertaining to environments that may lead to client compromises, then Okta may suffer much greater scrutiny from the field for its “lack of adequate, timely notification of the event.”

“Security professionals around the world are debating the list of compromise possibilities based on the pictures posted about the hack, but no definitive word has been shared by Okta,” he said.

If hackers compromised Okta’s environment, companies can’t “simply flip a switch” and authenticate/authorize on a different platform, Novak said. Embedded platforms require time to swap.

“While some have made conjectures about whether this hack contributed to another breach here or there, it would seem that a full compromise of Okta’s backend would have become far more obvious by now, but we’ll see more over the next few months,” he said.

3/22/2022

Threatpost

“Lapsus$ Data Kidnappers Claim Snatches From Microsoft, Okta”

Kevin Novak, managing director of Breakwater Solutions, suspects that the scope of Okta’s backend breach is likely limited. Otherwise, given Okta’s massive customer base, we’d likely know it by now. “While some have made conjectures about whether this hack contributed to another breach here or there, it would seem that a full compromise of Okta’s backend would have become far more obvious by now, but we’ll see more over the next few months,” he said.

“If … the compromise involved a successful assault on client information, such as client credentialing, key materials, or source code pertaining to environments that may lead to client compromises, then Okta may suffer much greater scrutiny from the field for its lack of adequate, timely notification of the event,” Novak noted.

3/21/2022

MSN

“Biden warns Americans are at high risk of Russian cyberattacks after Ukraine invasion: What you should do right now”

With technology delivering so many of our basic needs, those repercussions can be wide-ranging, from supply shortages at your local grocery store to widespread power outages, says Kevin Novak, managing director of security firm Breakwater Solutions.

“So while at the moment I do not believe that private U.S. citizens should cower in fear over Russia’s capability of adversely impacting them via cyberattacks, it is reasonable to expect that their lives will be impacted in some ways by cyber retaliatory actions that result from U.S. sanctions and other political maneuvering,” Novak said.

3/9/2022

Express

“Is Russia launching cyber attacks? How Ukraine faces battle on TWO fronts”

Speaking to US magazine The National Interest, Kevin Novak, managing director of Breakwater Solutions, a cybersecurity firm, said Russia has chosen to go “kinetic” first.

Any pursuit of cyber warfare won’t have nearly the same commitment, designed “purely” to complement the initial assault.

Mr Novak explained the cyberattacks would work to “debilitate” Ukrainian military capabilities and lay the ground for eventual surrender.

In this case, an online campaign would pick at Ukraine’s financial system and attempt to shift public favour in Russia’s direction.

The country could also use attacks to “compensate for sanctions imposed globally against Russia”, Mr Novak added.

Their latest activities have seen them accomplish what Mr Novak suspected Russia might attempt.

3/6/2022

The National Interest

“Why Hasn’t Russia Launched a Major Cyber Attack Against Ukraine?”

“I am not a strategic military analyst, but from what I’ve seen, Russia has already gone kinetic—they have boots on the ground,” explained Kevin Novak, managing director of cyber security firm Breakwater Solutions.

“The use of cyber-attacks will be purely complementary,” Novak said via email. “They will be used to debilitate Ukraine’s military capabilities, create economic pressure to surrender, and shift public opinion in their favor. It may also be used as a means by which to compensate for sanctions imposed globally against Russia—something that will not be confined to Ukraine alone. Several news reports have already cited seven to eight times increases in Russian-based phishing attacks around the world over the past week.”

….

Experts note that while the Ukrainian military was focused on countering the invading Russian forces on the ground, the government was also prepared to protect the country from cyber threats. “I’m quite certain that Ukraine is doing all it can to defend against Russia and is undoubtedly employing cyber defenses in a similar fashion, as best it can,” said Novak. “We’re also seeing allies – possibly public, and definitely private—to both sides entering the ring, and at least from a cyber perspective, we may be looking at a more global initiative.”

It is also possible that Russia may have already gained a foothold into other Ukrainian public and private sector entities that simply haven’t been detected yet. “I suspect we’ll see more over the coming weeks,” Novak continued. “Russia may also be gauging public opinion and political backlash from their actions so far, or they may somehow be impaired. That is a good question for our intelligence community.”

3/1/2022

WBZNewsRadio

“Americans Now At Higher Risk Of Russian Cyberattacks – Here’s What To Do”

Nayyar said it’s unlikely that cyber attackers would target Americans individually, but noted that “the reality is that any cyberattack can have repercussions on individuals,” which Kevin Novak, managing director of security firm Breakwater Solutions, told USA TODAY includes a wide-range of problems such as supply shortages at grocery stores caused by power outages.

“So while at the moment I do not believe that private US citizens should cower in fear over Russia’s capability of adversely impacting them via cyberattacks, it is reasonable to expect that their lives will be impacted in some ways by cyber retaliatory actions that result from US sanctions and other political maneuvering,” Novak said via USA TODAY.

2/28/2022, Updated 3/21/22

USA Today

“Biden warns Americans are at high risk of Russian cyberattacks after Ukraine invasion: What you should do right now”

With technology delivering so many of our basic needs, those repercussions can be wide-ranging, from supply shortages at your local grocery store to widespread power outages, says Kevin Novak, managing director of security firm Breakwater Solutions.

“So while at the moment I do not believe that private U.S. citizens should cower in fear over Russia’s capability of adversely impacting them via cyberattacks, it is reasonable to expect that their lives will be impacted in some ways by cyber retaliatory actions that result from U.S. sanctions and other political maneuvering,” Novak said.

2/9/2022

SC Magazine

“One-third of employees who quit their jobs take company IP with them”

Part of the difficulty companies have in detecting insider threats is that they are dealing with individuals who have been granted legitimate access to the data they are exfiltrating, said Kevin Novak, managing director at Breakwater Solutions.

Novak said security programs for most firms are designed to protect the confidentiality, integrity, and availability of data from individuals who don’t have legitimate access. He said the way to understand if a legitimately entitled individual is stealing data or otherwise violating policies or employment agreements, an enterprise must have the following:

  • Data classified (manually or automatically).
  • Entitlements clearly defined so that it’s understood what data an individual should have access to, and what actions that person can perform with that data.
  • Tools and protocols in place to prevent that person from performing actions that are contrary to their designated level of entitlement. This often comes down to simple detect/hold technologies like DLP tools, and more sophisticated tools that detect anomalies in an individual’s behavior: they try to download an entire list of client records, even though they normally only look at one record at a time.

1/28/2022

HelpNetSecurity

“Healthcare industry most common victim of third-party breaches last year”

Kevin Novak, Managing Director, Breakwater Solutions: “By attacking third parties, attackers gain the benefit of hitting an aggregated target; particularly when they can compromise the product being provided by that third party…a software package that then gets distributed to end-users for instance. It’s no wonder why the supply-chain vector has increased so broadly as a preferred target of cyber-attacks. Suppliers are data rich and have significant impetus to pay ransoms lest they lose customers who are paying for their services to remain online and for their data to remain secure.”

“While it is certainly the case that some ransomware attacks are all about ransom and quick returns, a sizeable percentage of ransomware attacks have a more protracted lifecycle that includes deployment of a ransomware across the enterprise, but also includes other objectives too. In these cases, attackers will attempt to find opportunities to commit fraud or exfiltrate data, leaving ransomware as a final parting gift.”

“Whereas ransomware, phishing, unauthorized network access, malware (ransomware being a type), zero-day vulnerabilities, etc., are all methods, these attacks are not all perfectly detached from one another. A phishing attack may lead to unauthorized network access, which might lead to discovery and exploitation of a zero-day vulnerability, that leads to account compromise, that finally give an attacker the ability to deploy ransomware throughout the organization. Sometimes there are fewer steps in the process (phishing that self-propagates ransomware enterprise-wide), but this often isn’t the case.”

1/18/2022

TechNewsWorld

“Data Breaches Affected Nearly 6 Billion Accounts in 2021”

Kevin Novak, managing director of cybersecurity consulting at Breakwater Solutions  a risk mitigation, data management and analytics company in Austin, Texas explained that shifts from a predominantly captive workplace to a predominantly remote one, as a result of the pandemic, have been a driving force behind shifts in how attackers have pursued their targets.

“Since an exceedingly large percentage of attacks focus on the end-user, this move to remote has proven very fruitful for attackers,” he told TechNewsWorld.

“Similarly,” he continued, “the pandemic has dramatically changed the way goods and services are manufactured, dispatched and consumed. These changes acted as an unnatural tailwind that has driven enterprises to rapidly adopt a new digital persona.”

“The pace and newness of this adoption have created a more fertile and consolidated attack surface for attackers who will leverage enterprise misconfigurations until they’ve learned how to manage these new platform paradigms.”

“The scale, complexity, and cost of breaches increased dramatically in 2021,” he added.

“Though we certainly saw our share of low-hanging-fruit attacks, we also saw some of the most sophisticated and impactful breaches of all time,” he said.

About Breakwater Solutions

Breakwater helps enterprises mitigate risk and gain insight from sprawling information by combining technology automation and human expertise. We empower governance, legal, and risk professionals to locate, access, analyze, and manage information by making data transparent and actionable. Our solutions are comprised of expert consulting, AI-infused technology, and ongoing managed services, all of which directly address the myriad challenges within information governance, disputes and investigations, regulatory compliance, privacy, and cybersecurity.

###

Media Contact
Alan Brooks
alan.brooks@breakwatersolutions.com
917.985.8831