More info about Ubiquiti's data breach.

Started by Dieselboy, March 30, 2021, 09:43:26 PM

Previous topic - Next topic

wintermute000

Its pretty brutal - full compromise, keys, heck they were firing up their own servers in the Ubiquiti AWS environment (ROFL)
They need to be hung, drawn and quartered if true and they did not disclose

deanwebb

Of course, the comments section has some nuggets of comedy GOLD in it...


But this is a disaster, good to see the company punished with only a smaller increase in stock price than expected. :doh:


I see Ubiquiti gear on a lot of customer networks. I wonder if I'll continue to see it. Huawei is already on its way out in a number of accounts, and something like this can see a phase-out of this vendor in favor of Mist or Meraki.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

config t

I never heard of them until I read this article. Smooth move blaming the "third-party".
:matrix:

Please don't mistake my experience for intelligence.

Dieselboy

Companies like this, where management hide things because they worry about the stock price = complete crap, untrustworthy and a high risk investment due to the unknowns and lies.

It's much better to say - We F'd up because of X.Y.Z. We've implemented processes A.B.C to try and prevent this from occurring again. etc.

Because of the Ubiquiti lies and deceit, there is no assurance or guarantee that this wont happen again. There are big question marks if they even fully realise the gravity of the situation, because of the lack of disclosure. 

Avoid. Avoid. Avoid. You don't need those risks to your business. Even if the product is secure and capable, their management don't know their ass from their elbow and that's the main issue now. Bad decisions follow bad decisions and that's what got them into this mess in the first place. Management should be let go WITHOUT a severence package - unfortunately companies like this will pay out their management millions of $ just to leave as some kind of a reward for F-ing up. 

deanwebb

Quote from: Dieselboy on March 31, 2021, 10:01:51 PM
Companies like this, where management hide things because they worry about the stock price = complete crap, untrustworthy and a high risk investment due to the unknowns and lies.

It's much better to say - We F'd up because of X.Y.Z. We've implemented processes A.B.C to try and prevent this from occurring again. etc.

Because of the Ubiquiti lies and deceit, there is no assurance or guarantee that this wont happen again. There are big question marks if they even fully realise the gravity of the situation, because of the lack of disclosure. 

Avoid. Avoid. Avoid. You don't need those risks to your business. Even if the product is secure and capable, their management don't know their ass from their elbow and that's the main issue now. Bad decisions follow bad decisions and that's what got them into this mess in the first place. Management should be let go WITHOUT a severence package - unfortunately companies like this will pay out their management millions of $ just to leave as some kind of a reward for F-ing up. 

TRUTH

As for Ubiquiti...

:fail1:
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.