Viacom’s exposure shows how credential management reflects overall network security

September 21, 2017//Ellen Neveux

Last Updated: November 18, 2020

Credential management is at the core of third-party remote support security. How these “keys to the kingdom” are stored is an excellent measure of your overall network security.

Vendors need to access their enterprise customers’ systems to support their technologies. BUT they do not need to manage or even know that customer’s privileged credentials. SecureLink provides credential storage so an enterprise company can grant access without ever handing over network keys. When vendors are tasked with managing their customers’ privileged credentials network vulnerability increases.

Viacom is now navigating a recent data exposure that outlined, and provided access, their entire IT infrastructure. While this security vulnerability doesn’t seem to be due to vendor error, it does highlight the critical nature of putting policies and process in place that protect network access.

In an article by Robert Abel on SCMagazine.com, we see the impact of credential exposure.

“A mishandling of Viacom’s master AWS key has left the credentials of hundreds of digital properties, including Comedy Central, Paramount, MTV and other entertainment companies, exposed.

On August 30, 2017, UpGuard Director of Cyber Risk Research Chris Vickery spotted a publicly downloadable Amazon Web Services S3 cloud storage bucket containing what appeared to be nothing less than either the primary or backup configuration of Viacom’s IT infrastructure.

The servers contained the passwords and manifests for Viacom’s servers as well as data needed to maintain and expand the IT infrastructure in addition to the access key and secret key for the corporations AWS account, according to a Sept. 19 blog post.

Researchers described the exposed information as the digital road map and blueprint equivalent of the layout of a bank vault, details on the type of safe a bank uses, and what keys they might need to crack it, for threat actors looking to take advantage of Viacom IT systems.

The exposure of this information could have enabled threat actors to essentially harness the power of the media empire to do anything from executing massive phishing campaigns, use trusted brand recognition to trick customers into furnishing personal data, or even spin off additional servers to use Viacom IT systems as a botnet.

‘By exposing these credentials, control of Viacom’s servers, storage, or databases under the AWS account could have been compromised,” the post said. “Analysis reveals that a number of cloud instances used within Viacom’s IT toolchain, including Docker, New Relic, Splunk, and Jenkins, could’ve thus been compromised in this manner.’

About SecureLink

Our sole focus is secure third-party remote access. For highly regulated enterprise organizations, SecureLink Enterprise has pioneered a secure remote access platform. SecureLink for enterprise allows an organization to identify, control, and audit third-party vendors. For vendors, SecureLink is the gold standard remote access support platform because it is easy, efficient, and ensures compliance and reduces liability when supporting customers.

Subscribe to the SecureLink Blog.
close close