HOW TO AVOID A DATA BREACH

MITIGATE THE RISK

What is a data breach?

A data breach is an event resulting in the exposure of sensitive or confidential data, outside of a trusted environment.

Every week, new data breaches are reported across the globe, many of which have far-reaching consequences for companies and their customers. Big multinational companies are often targeted, and hackers have repeatedly gained access to personal details including passwords, email addresses, credit card details and home addresses. This can have a devastating effect on consumer confidence. There’s no mistake about it: data breaches are extremely bad for business.

It’s no surprise that cyberattacks are so common

For criminals, hacking into sensitive or confidential data can be an easy way to gain large financial reward – and their job is often made easier if companies haven’t taken adequate measures to protect their data.

Despite the regular occurrence of data breaches, there are steps you can take to mitigate the risk. Although you may never be able to guarantee your security 100%, companies do have the power to protect themselves and reduce their vulnerability to attack. In this article we’ll explore how data breaches happen alongside the methods cyber-attackers have used to gain access to sensitive data, providing actionable insights and tips on how to avoid a data breach in the future.

Did you know that data breaches have multiple causes?

Intentionally

When hackers gain unauthorized access to data.

Accidentally

When inadequate or misconfigured data security results in the unintentional exposure of data.

Inadvertently

When a lapse in judgement results in the exposure of data.

Intentional data breaches

In the case of an intentional data breach by hackers, the stolen data is often used for illegal profit. It may be associated with identity theft, allowing criminals to assume false identities to carry out illegal activities, or used by competing companies to gain insights into your business activity. Some hackers even hold companies to ransom, using ransomware to gain access and lock organizations out, in order to demand a payment in exchange for restored access to the IT environment. Hackers may be acting within the company, or outside of it.  In most cases this is a result of an APT (Advanced Persistent Threat) that succeeds in penetrating the corporate infrastructure.

Accidental data breaches

Accidental data breaches may not be intended, but the end result may be just as harmful for business. This type of data breach may be caused by technical issues (if software is vulnerable to attack) or human error (if systems or security are incorrectly configured) on the part of the system administrator or DBA. A common example is the deployment of a cloud-based resource without either being aware of or following best practices.

Inadvertent data breaches

Inadvertent data breaches differ in that they stem from mistakes or oversights that the users of data are responsible for as opposed to the admins.  Sometimes employees may unwittingly allow access to data to other employees that should not have access to perform their job but lost or stolen mobile devices, portable storage devices, errant e-mails, and hard copies are also equally common examples.  This attack can also be due to depraved indifference where users simply don’t care or assume “someone else will take care of that – not my job.”

How does a data breach happen?

Methods used to breach data:

  • Spyware and viruses, where malicious software is installed in order to gain access to sensitive data. This can often be prevented using up-to-date anti-virus software, but cyber-attackers are always working to detect vulnerabilities and exploit them.
  • Phishing and smishing. Phishing is a technique used to fool unsuspecting users into giving up personal information such as usernames and passwords. It’s commonly done using email, but smishing uses SMS text messages to achieve the same goal.
  • Unsecured access points such as weak passwords or system structure failure. However diligent website administrators are, they are only human and may forget to secure back-end data. If someone really wants to hack into the IT environment, they will try hard to identify any of these vulnerabilities.
  • System glitches. A bug in your code, or other problems within your IT system can leave it vulnerable to a data breach.

Hackers are always developing new methods

Because hackers are always developing new methods of attack, it can be easy to fall victim to a new scam. For example, Business Email Compromise (BEC) is a form of phishing that is now gaining traction among cyber-thieves. This involves the impersonation of a person of importance within an organization, by constructing a false email to lure an employee to give up user access credentials, or to click on a link which may deliver malware, a Trojan, or other malicious payload.

Sometimes, data breaches happen when companies are slow to respond to common vulnerability exposures (CVEs) or install the latest security patch. These breaches, known as CVE and patch exploitation, allow hackers to gain access through these security gaps in order to attack a company.

Should your business be concerned?

Common data breaches

In 2020, phishing and malware are the two most common attacks attempted against businesses of all sizes, but other cyberattacks are close behind. You can use the analogy of holes in a boat – as one attack method is shown to work, it becomes commonly used – like water rushing to a hole. Hackers and cybersecurity bad actors typically take the easiest route in attempting to gain access or data from a target. Right now, phishing is a low work strategy with potentially high rewards: it is very easy to find millions of email addresses in the dark web, construct an email, and attempt to phish out information (such as access credentials) to unsuspecting targets.

The biggest data breaches - even larger companies are at risk

The biggest data breaches to date have affected giant multinational corporations including Microsoft, FedEx and British Airways. In 2018, Marriott Hotels revealed that personal data, including credit card details, belonging to up to 500 million guests had been accessed by hackers. Meanwhile, internet giant Yahoo! was breached on two separate occasions, suffering attacks that affected every one of its 3 billion users.

Data breaches aren’t always related to the security of your data right now. In September 2019 it was discovered that the phone numbers of 20% of Facebook users (419 million people) were freely available in a database online, having been gathered when developers had access to these details. This permission was revoked in 2018, but it shows how easily historical vulnerabilities can be exploited.

Data breaches are a serious threat.

Every organization on the planet needs to have some sort of data security program in place. Whether they outsource the data security management to a MSSP (Managed Security Service Provider) or opt to host data security management in-house, it needs to be done. There are now too many ways in which sensitive or confidential data can be exposed when it should not be. Therefore, companies need to do more in their effort to protect the data.

How comforte is helping to combat data breaches?

Henning Horst

Chief Technical Officer

phone: + 49 611 93199 00

email: info@comforte.com

Contact us to find out how we can help your organization protect data.