4 Handling sensitive data
This chapter covers:
- Basic security principles for automations
- PowerShell secure objects
- Securing sensitive data needed by your scripts
- Identifying and mitigating risk
In December of 2020, one of the largest and most sophisticated cyberattacks ever was found to be taking place on systems across the globe. Security experts discovered that the SolarWinds Orion platform was the subject of a supply chain hack. Hackers were able to inject malware directly into the binaries of some Orion updates. This attack was such a big deal because SolarWinds’ Orion is a monitoring and automation platform. Their motto, “One platform to rule your IT stack,” makes it a very enticing target for bad actors.
More than 200 companies and federal agencies were impacted by this attack, including some big names like Intel, Nvidia, Cisco, and the US departments of Energy and Homeland Security. Experts suspect that this attack is responsible for other exploits found shortly after at Microsoft and VMware.
If someone is able to gain full access to an automation platform, not only are they able to perform any action that platform has permissions to perform, they also have access to all the information and data stored inside that platform. So, if you have a script with full domain admin or full global administrator rights, the bad actors will have those rights and privileges.