We’ve all read the headlines about spectacular data breaches and other security incidents, and the impact that they have had on the victim organisations. From LastPass to SolarWinds, “data security” seems to be the phrase on the lips of every CTO these days. And in some ways there’s no place more vulnerable to attack than a big data environment like a data lake.
From the vault
Data intensive systems have been the target of countless attacks. Some of the most memorable technical exploits include Log4Shell, Heartbleed and ShellShock.
In the Log4Shell incident, it was discovered that a remote backdoor could be opened that granted the attacker command line access on the target system via certain versions of the popular and widely used log4j logging library, where the system would be tricked into calling back to the attacker’s destination of choice. The vulnerability was assigned a 10/10 CVSS score by the Apache Software Foundation – who are the…