At the beginning of this week (Monday 16th), TaskRabbit, the IKEA-owned mobile marketplace that matches freelance labour with local demand, had its website and app hacked, resulting in both being shut down and taken offline. The company offered a statement to its customers saying, “we understand how important your personal information is and are working with an outside cybersecurity firm and law enforcement to determine the specifics.”
An investigation is under way to determine what information may have been compromised and how the breach occurred, with TaskRabbit advising all users to change their passwords and monitor their accounts for unusual activity that could indicate identity theft. This is sound security advice, but what did the security industry have to say about the hack?
Bob Egner, VP at Outpost24, said that the hackers targeted TaskRabbit’s data because it is interesting and valuable. He said, “attacks of this nature are attempted when there is a potential gain for the attacker, in this case to monetize any personal information that can be obtained. All web applications are vulnerable; it’s only a matter of how much effort the attacker is required to expend. It’s really an economic problem where the payback has to be larger than the expended effort.
Any public facing web application that holds large amounts of personal information should have a comprehensive application security testing program in place to assess the application, its data stores, the infrastructure on which it runs, and the users assigned to manage and operate the overall system. Any weaknesses should be remediated in a prioritized way so that the potential for attack is reduced to the lowest possible level and maintained there. The focus should be on the economic equation, where the effort required to compromise the system is much greater than the value of any stolen information.”
According to Tim Helming, director of product management at DomainTools, the TaskRabbit breach is an indication of how comprehensively nefarious actors can interfere with business functions, and potentially harm users. Tim goes on to say, “To take control of a website and expose such trusted resources as TaskRabbit’s GitHub repository, as well as daily transaction volumes and information regarding employees, the threat actors must have had comprehensive access to the network. While we don’t yet know the specifics of how this attack unfolded, it is a good reminder of the importance of practices such as least-privilege access controls, robust network segmentation, and strong phishing controls. Organizations need to take cybersecurity seriously, particularly when it could affect the livelihood, reputation and privacy of both employees and service users.”