HPE says hackers breached Aruba Central using stolen access key

Another reason why self-hosting can have benefits…

HPE has disclosed that data repositories for their Aruba Central network monitoring platform were compromised, allowing a threat actor to access collected data about monitored devices and their locations.

HPE disclosed today that a threat actor obtained an “access key” that allowed them to view customer data stored in the Aruba Central environment. The threat actor had access for 18 days between October 9th, 2021, and October 27th, when HPE revoked the key.

Yup, even large companies have some serious concerns about third-party hosted controllers.

Another reason I have serious misgivings about the “cloud.”

Me too. I got into this with McAfee over the summer… They are pushing their users to migrate to a Cloud ePO for MVISION, and this kind of requires a domain account with enough permissions to install software so that it can push out applications and updates.

Does this sound like a good idea?

Extreme has had a series on their Cloud IQ control for switching and routing… Seems fine on the surface until you think about what happens when someone breaks in (not if but when). I brought that up in a comment on the video and they just dodged the question.

Thankfully both of the above still offer an on-premises controller, but both are pushing for cloud because cloud provides an additional revenue stream past the yearly support that they are now charging for software (and hardware in some cases) updates and security fixes. No more free firmware for Extreme; we are way over $100K per year at work just for support, a full third of the price for a campus-wide upgrade. If my equipment didn’t get put into this bigger package, I’d probably go with Juniper or Cisco; costs are about the same when you really start looking at the pricing.