A version of this post titled “Palantir pillaged?” Originally appeared in the Cyber Saturday edition of Data Sheet, Coins2Day ’sdaily tech newsletter.
Palantir got hacked!
If you read the gripping tale of an ultra-secret, presumably hyper-secure, intelligence agency-friendly, third-most-valuable-unicorn startup getting utterly “dominated” by hackers that BuzzFeed published Friday, and your takeaway was—gasp!—how could such a company get so utterly compromised, then you were misled. (The company had hired white hat hackers, mind you—aka the good kind.)
Here’s the trite truth: Most penetration testing consultancies claim near 100% success rates when attempting to crack open corporate networks. Red teams (attackers) nearly always defeat blue teams (defenders). That Palantir succumbed to the cyber squad it hired specifically to discover its vulnerabilities is no surprise. That’s how it goes.
For more on data breaches, watch:
The ease of breaching data is a problem that plagues companies everywhere—not unique to Palantir. In fact, one could argue that Palantir should be praised for conducting such proactive testing—as not every company does—and for having an “excellent” response, as the organization called in to conduct the hack said. Nice work, PALs. Patch up and keep at it.
In reading the account, you may have missed the most important paragraph, tucked away among others breathlessly describing the assault. Here it is:
Virtually every company is vulnerable to hacks, to varying degrees. In recent years, red teams generally have had a high success rate in getting deep inside of companies’ networks, and they virtually always find at least some security flaws, according to an industry source. That Palantir did a red team exercise shows that it wanted to identify and repair any such flaws. The Veris report notes multiple strengths in Palantir’s defenses, including an “excellent” response by its security staff.
Why single out this one company? As a reporter, I get it. The implication is that if Palantir can be hacked, then A) anyone can be hacked and B) it probably has been hacked already—especially considering the highly confidential government work it handles as well as the persistence of the United States’ adversaries. Even a company as locked down as Palantir has holes.
(What’s most worrisome: Where did that leaked pentest report come from?)
To BuzzFeed’s credit, the story does an excellent job detailing how hackers can make their way around a computer network, hopping from node to node, compromising accounts and servers, and escalating an attack along the way. Still it does a disservice in blasting a firm for taking the very measures it should to learn about and fix its weaknesses.
Anyway, that’s my two cents. Have a great weekend, folks; and a happy Father’s Day to whom it applies. More news here.