LastPass breach – Deja Vu all over again

Yesterday I got this notification from my Password Manager, LastPass:

The key phrase here is “unusual activity within portions of the LastPass development environment.” This looked too familiar.

One of the most well documented attacks of this nature is the SolarWinds supply chain attack in 2020. Although it is too early to say (the news just broke yesterday), it is very likely this lastPass breach is not much different.

We’ve seen this before on several occasions when hackers use a company’s development environment as an attack vector to inject malicious code. Often this is the case when an enterprise lets down their guard with their development environment and sacrifices security for cost. As a result, weakly secured controls allow the code to make its way into production.

Hence, it becomes critical to improve the security posture by segmenting East-West traffic. This is not easy to do. One could achieve this at a coarse level with network routing domains, but it is far more important to provide granular security – at an application level. This is what Micro-segmentation achieves – the ability to group applications together and then apply policy-based controls. Keep an eye out on how Aviatrix can solve that.