Adobe hack could accelerate next wave of cyberattacks

Adobe has been the subject of repeated sophisticated attacks that have affected the security of approximately 2.9 million customers and saw its source code access. Adobe said on Thursday, that they believe the attackers removed from their system relating to Adobe customers which included customer names encrypted debit or credit card details expiration dates and critical information relating to customer orders. It does not appear that decrypted credit and debit card numbers were accessed. Most of Adobe’s new suite of products sits on the cloud in the form of its Creative Cloud brand.

Adobe as a precaution, is resetting relevant customer passwords to help prevent unauthorized access and is encouraging users to change passwords on any third party site where they might have used the same userid and password. The discovery was made by Adobe’s security team. According to Adobe’s chief security officer, Brad Arkin popular products such as Acrobat, ColdFusion and ColdFusion Builder were included in the source code theft.

“We’re working diligently internally, as well as with external partners and law enforcement, to address the incident.”

Adobe’s software products have for a long time been a favorite target for malware infiltration. The full access that the thieves now have from acquiring the source code will be a major blow for Adobe. According to a blog post on the holdsecurity.com’s website, it was their deep web monitoring program working with journalist Brian Krebs that made the initial discovery they said.

This breach poses a serious concern to countless businesses and individuals. Adobe products are installed on most end-user devices and used on many corporate and government servers around the world. While we are not aware of specific use of data from the source code, we fear that disclosure of encryption algorithms, other security schemes, and software vulnerabilities can be used to bypass protections for individual and corporate data.

What we don’t know at the moment is how the data was encrypted and if in fact it was actually on secure in the first place. Security experts are warning that we actually could be in for a fresh wave of cyber criminality as a direct result of the Adobe breach. In an apology, Adobe said “we value the trust of our customers and we will work aggressively to prevent these types of events from curing in the future, we deeply regret any inconvenience this may cause you”.