McKinsey & Company Breach Incident Score: Analysis & Impact (MCK1773109656)
The Rankiteo video explains how McKinsey & Company was impacted by a cyber attack on March 9, 2026.
Incident Summary
Key Highlights From This Incident Analysis
- Timeline of McKinsey & Company's cyber attack and the attacker's movement inside the company's environment.
- Overview of the affected data sets (chat messages, confidential client files, user accounts and writable system prompts) and why they materially increase incident severity.
- How Rankiteo’s incident engine converts technical details into a normalized incident score.
- How this cyber incident affects McKinsey & Company's Rankiteo cyber score and cyber rating.
- Rankiteo’s MITRE ATT&CK correlation analysis for this incident, with associated confidence level.
Full Incident Analysis Transcript
In this Rankiteo incident briefing, we review the McKinsey & Company breach identified under incident ID MCK1773109656.
The analysis begins with an overview of McKinsey & Company's profile: the LinkedIn page https://www.linkedin.com/company/mckinsey with 6,920,938 followers, the industry (Business Consulting and Services) and a headcount of 38,633 employees.
Next, the video explains how Rankiteo's incident engine converts the technical details of the incident into a normalized incident score. McKinsey & Company's score was 826 before the incident and 815 after it, a change of -11 points, which serves as an indicator of the incident's severity and impact.
In the next part of the video we analyze the incident in more detail, together with its impact on McKinsey & Company and its clients.
The incident came to light on 9 March 2026 under the headline "AI Agent Exploits McKinsey's Internal Chatbot in Under Two Hours" (see the sources below).
Researchers at the security startup CodeWall demonstrated how an autonomous AI agent compromised McKinsey's internal generative AI platform, *Lilli*, gaining full read-and-write access to its production database within two hours. The entry point was an unauthenticated SQL injection in Lilli's API, reached by manipulating the JSON keys of user search queries; the same flaw allowed Lilli's system prompts to be rewritten with a single HTTP request, and 22 unsecured endpoints were publicly exposed.
The exposure covered Lilli's production data: roughly 46.5 million chat messages, 728,000 confidential client files, 57,000 user accounts and 95 writable system prompts, all stored in plaintext.
In response, McKinsey took the development environment offline, secured the API documentation and patched the SQL injection vulnerability. A company spokesperson confirmed that no unauthorized access to client data took place.
The incident is recorded as resolved. The lessons drawn are the risk of AI systems interacting with insecure databases and the potential for large-scale data manipulation through AI-driven attacks, such as poisoning the responses served to Lilli's 40,000+ users. The recommended next steps are to secure the API endpoints, require authentication for database access and monitor AI system interactions for anomalies.
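The weakness described above, injection through the JSON keys of a search request rather than through its values, is easy to miss because the values are bound as parameters and look safe. The following is an added example written for this briefing; it is not CodeWall's tooling or McKinsey's code, and the schema (a `files` table and a `system_prompts` table), the column allow-list and the request bodies are all constructed for illustration. It shows a vulnerable query builder that pastes keys into the statement as column names, a payload that pivots the query to read another table, and the hardened version that rejects any key outside an allow-list. Only the read side is reproduced here; the write access the researchers obtained depended on the real driver and is not modelled.

```python
import sqlite3

# Columns a client is allowed to filter on. The schema is an assumption for
# this example, not Lilli's real one.
SEARCHABLE_COLUMNS = frozenset({"title", "owner", "client_code"})


def build_db() -> sqlite3.Connection:
    """Constructed in-memory stand-in for a chatbot's production database."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE files(id INTEGER PRIMARY KEY, title TEXT, owner TEXT,
                           client_code TEXT);
        INSERT INTO files(title, owner, client_code) VALUES
            ('Q3 strategy deck', 'alice', 'ACME'),
            ('Merger model',     'bob',   'GLOBEX'),
            ('Board memo',       'carol', 'INITECH');
        CREATE TABLE system_prompts(id INTEGER PRIMARY KEY, name TEXT, body TEXT);
        INSERT INTO system_prompts(name, body)
            VALUES ('default', 'You are a helpful assistant.');
        """
    )
    return conn


def search_vulnerable(conn: sqlite3.Connection, filters: dict) -> list:
    """Values are bound as parameters, but the JSON *keys* are pasted into the
    statement as column names: the identifier position is injectable."""
    clauses = " AND ".join(f"{key} = ?" for key in filters)
    sql = f"SELECT id, title, owner FROM files WHERE {clauses}"
    return conn.execute(sql, tuple(filters.values())).fetchall()


def search_hardened(conn: sqlite3.Connection, filters: dict) -> list:
    """Same query, but every key must be an allow-listed column before it is
    placed in the statement; values are still bound as parameters."""
    unknown = set(filters) - SEARCHABLE_COLUMNS
    if unknown:
        raise ValueError(f"unknown filter column(s): {sorted(unknown)}")
    clauses = " AND ".join(f'"{key}" = ?' for key in filters)
    sql = f"SELECT id, title, owner FROM files WHERE {clauses}"
    return conn.execute(sql, tuple(filters.values())).fetchall()


# Constructed request bodies: one benign, two with payloads in the key position.
BENIGN = {"owner": "alice"}
DUMP_ALL = {"1=1 OR owner": "nobody"}            # WHERE 1=1 OR owner = ?
READ_PROMPTS = {                                  # pivot to another table
    "1=0 UNION SELECT id, name, body FROM system_prompts WHERE 1=1 OR ''": "x"
}


def demo() -> dict:
    """Run the three bodies through both builders and collect the outcomes."""
    conn = build_db()
    out = {
        "benign": search_vulnerable(conn, BENIGN),
        "dump_all": search_vulnerable(conn, DUMP_ALL),      # every file row
        "prompts": search_vulnerable(conn, READ_PROMPTS),   # system prompt leaks
    }
    try:
        search_hardened(conn, DUMP_ALL)
        out["hardened_blocked"] = False
    except ValueError:
        out["hardened_blocked"] = True
    out["hardened_benign"] = search_hardened(conn, BENIGN)
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The allow-list is the essential control: identifiers cannot be bound as parameters in any mainstream driver, so the only safe way to accept a client-chosen column is to compare it against a fixed set before it ever reaches the statement. Quoting the identifier in the hardened builder is defence in depth, not a substitute for the check.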
Finally, we map the incident to the MITRE ATT&CK framework to see which tactics and techniques it correlates with.
The MITRE ATT&CK framework is a knowledge base of techniques and sub-techniques that are used to describe the tactics and procedures of cyber adversaries. It is a powerful tool for understanding the threat landscape and for developing effective defense strategies.
Rankiteo's analysis identified the following MITRE ATT&CK tactics and techniques for this incident, each with a confidence level based on the available evidence:
- Initial Access: Exploit Public-Facing Application (T1190), high confidence (90%). Evidence: an unauthenticated SQL injection vulnerability in Lilli's API was exploited.
- Execution: Command and Scripting Interpreter: JavaScript (T1059.007), moderate to high confidence (80%). Evidence: manipulation of JSON keys in user search queries.
- Persistence: Server Software Component: Web Shell (T1505.003), moderate to high confidence (70%). Evidence: attackers were able to rewrite Lilli's system prompts with a single HTTP request.
- Privilege Escalation: Exploitation for Privilege Escalation (T1068), moderate to high confidence (80%). Evidence: full read-and-write access to the production database.
- Defense Evasion: Bypass User Account Control (T1088, retired and now tracked as Abuse Elevation Control Mechanism: Bypass User Account Control, T1548.002), moderate confidence (60%), and Impair Defenses: Disable or Modify Tools (T1562.001), moderate confidence (50%). Evidence for both: standard security tools were bypassed via the SQL injection.
- Credential Access: Unsecured Credentials: Chat Messages (T1552.008), high confidence (90%). Evidence: 46.5 million chat messages exposed in plaintext. OS Credential Dumping: NTDS (T1003.003), moderate to high confidence (70%). Evidence: 57,000 user accounts in plaintext.
- Discovery: Account Discovery: Cloud Account (T1087.004), moderate to high confidence (80%). Evidence: 57,000 user accounts exposed. Network Service Discovery (T1046), moderate to high confidence (70%). Evidence: 22 unsecured endpoints publicly exposed.
- Collection: Data from Local System (T1005), high confidence (90%). Evidence: 46.5M chat messages and 728K confidential client files exposed. Data from Information Repositories: Code Repositories (T1213.003), moderate to high confidence (80%). Evidence: 95 writable system prompts, all in plaintext.
- Command and Control: Application Layer Protocol: Web Protocols (T1071.001), moderate to high confidence (80%). Evidence: exploitation over HTTP via the unauthenticated SQL injection in the API.
- Exfiltration: Exfiltration Over C2 Channel (T1041), moderate to high confidence (70%). Evidence: potential for large-scale data manipulation via AI-driven attacks.
- Impact: Data Manipulation: Transmitted Data Manipulation (T1565.002), high confidence (90%). Evidence: potential poisoning of responses for McKinsey's 40,000+ users.
These correlations help security teams understand the attack chain and develop defensive measures based on the observed tactics and techniques. Note that the host-oriented techniques (the NTDS dump T1003.003, the UAC bypass and the tool tampering under Defense Evasion) are inferred from the scale of the exposure rather than from observed endpoint activity, which their lower confidence levels reflect; the directly evidenced chain runs from the API injection (T1190) through the system prompt rewrite (T1505.003) to response poisoning (T1565.002).
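The recommended next step of monitoring AI system interactions for anomalies can be started from the API's own request log, because the three directly evidenced behaviours above (injected identifiers in search keys, a prompt rewrite without a session, and a single search returning the whole corpus) are all visible there. The following is an added example, not Rankiteo's or McKinsey's detection logic: it runs three rules over a constructed JSON-lines log for a hypothetical chatbot API whose endpoint paths (`/api/search`, `/api/prompts/...`), field names and column allow-list are assumptions for the illustration.

```python
import json
import re

# Columns the search endpoint legitimately accepts (assumed schema, not Lilli's).
SEARCHABLE_COLUMNS = frozenset({"title", "owner", "client_code"})
# Anything that is not a plain identifier has no business in a column position.
IDENTIFIER = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")
# A single search returning more rows than this is treated as a bulk read.
BULK_ROWS = 1_000

# Constructed JSON-lines request log for a hypothetical chatbot API; not real
# Lilli telemetry. "user" is null when the request carried no valid session.
SAMPLE_LOG = """\
{"ts":"2026-03-09T09:00:01Z","src":"10.0.0.5","user":"alice","method":"POST","path":"/api/search","body_keys":["owner"],"rows":1}
{"ts":"2026-03-09T09:00:07Z","src":"198.51.100.7","user":null,"method":"POST","path":"/api/search","body_keys":["1=0 UNION SELECT id, name, body FROM system_prompts WHERE 1=1 OR ''"],"rows":95}
{"ts":"2026-03-09T09:00:09Z","src":"198.51.100.7","user":null,"method":"PUT","path":"/api/prompts/default","body_keys":["body"],"rows":1}
{"ts":"2026-03-09T09:01:00Z","src":"10.0.0.9","user":"admin","method":"PUT","path":"/api/prompts/default","body_keys":["body"],"rows":1}
{"ts":"2026-03-09T09:02:30Z","src":"198.51.100.7","user":null,"method":"POST","path":"/api/search","body_keys":["1=1 OR owner"],"rows":728000}
"""


def triage(log_text: str) -> list:
    """Return (timestamp, rule, detail) alerts for the three behaviours the
    incident exhibited: injected identifiers, unauthenticated prompt writes
    and bulk reads from a single search request."""
    alerts = []
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        ev = json.loads(raw)
        path, method = ev["path"], ev["method"]
        if path == "/api/search":
            for key in ev.get("body_keys", []):
                # Fails on SQL in the key position and on unknown columns alike.
                if not IDENTIFIER.match(key) or key not in SEARCHABLE_COLUMNS:
                    alerts.append((ev["ts"], "identifier_injection", key))
            if ev.get("rows", 0) > BULK_ROWS:
                alerts.append((ev["ts"], "bulk_read", ev["rows"]))
        # A write to a system prompt with no session behind it is the
        # single-request prompt rewrite from the incident narrative.
        if (path.startswith("/api/prompts/")
                and method in ("PUT", "POST", "PATCH")
                and ev.get("user") is None):
            alerts.append((ev["ts"], "unauthenticated_prompt_write", path))
    return alerts


if __name__ == "__main__":
    for alert in triage(SAMPLE_LOG):
        print(alert)
```

The identifier rule deliberately alerts on any unknown key, not only on keys containing SQL syntax, so that a schema change or a probing attacker shows up before a working payload does; the authenticated prompt write by `admin` in the sample is left alone, which is the place to add a change-review rule if prompt edits are rare in practice.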
Sources
- McKinsey & Company Rankiteo Cyber Incident Details: http://www.rankiteo.com/company/mckinsey/incident/MCK1773109656
- McKinsey & Company CyberSecurity Rating page: https://www.rankiteo.com/company/mckinsey
- McKinsey & Company Rankiteo Cyber Incident Blog Article: https://blog.rankiteo.com/mck1773109656-mckinsey-cyber-attack-march-2026/
- McKinsey & Company CyberSecurity Score History: https://www.rankiteo.com/company/mckinsey/history
- McKinsey & Company CyberSecurity Incident Source: https://www.theregister.com/2026/03/09/mckinsey_ai_chatbot_hacked/
- Rankiteo A.I CyberSecurity Rating methodology: https://www.rankiteo.com/static/rankiteo_algo.pdf
- Rankiteo TPRM Scoring methodology: https://static.rankiteo.com/model/rankiteo_tprm_methodology.pdf