With the Global Data Protection Regulation (GDPR) taking effect on May 25, 2018, and the passage of a new consumer privacy law going live in California on January 1, 2020, governments are specifying penalties for organizations that fail to prevent data breaches. It’s safe to assume that further legislation is not far behind.
Organizations need to take cyber security seriously. A record-breaking 5,207 breaches were reported in 2017, exposing over 7.8 billion records. The Ponemon Institute, an independent researcher on privacy, data protection, and information security, estimates the average cost of a breach for a U.S. company reached nearly US$8 million. Companies in the U.S. also have a 27% probability of suffering a data breach in the next 24 months.
Data breach attacks have subsided so far in 2018, but unfortunately, the number of stolen records continues to soar. Current evidence indicates attacks are becoming more targeted, evasive, and lucrative. Cryptocurrency mining, or cryptomining, malware that takes over a computer's or smartphone's resources to generate revenue has become the leading attack vector so far this year.
In this paper, we’ll explore the current data breach attack landscape and the steps you can take to proactively prevent and mitigate breaches. Data breaches are not going away. As long as there are financial rewards, cyber criminals will continue their threats.
Impact of Cryptominers: Cryptominers affected over 42% of organizations worldwide, compared to 20.5% at the end of 2017. Over the past six months, cryptomining attacks are estimated to have “earned” their users more than $2.5 billion, and still counting.
What you should know about data breaches
Attack perpetrators have much to gain. They gain access to proprietary, confidential information, and the grand jewels of a breach, including credit card numbers, personal identification, passwords, and financial, medical, or government records. A company can lose trade secrets that might give insights into its future stock value. The table below illustrates that breaches affect all industries.
Underlying causes of data breaches
External attackers are not the only perpetrators of data breaches. Disgruntled insiders and human error are also main contributors. One survey discovered that as much as sixty-four percent of attacks could be traced back to employee or contractor negligence, with a global average of US$3.8 million per incident.
Cyber attackers penetrate company defenses through vulnerable, unpatched systems. Although patching of critical systems is a widely known best practice, delays do happen, as noted by Mike Johnson, the CISO of Lyft: “Patching is simply a ‘must do.’ There is no argument there. But anyone who has worked in a business of any size knows there are times when a patch cannot be applied immediately. Patches must be prepared for and designed in. If you have built an environment with the assumption that all systems will be 100% patched at all times, you have a level of brittleness that will fail.”
Breaches also occur accidentally when an employee clicks a tainted email link, sending sensitive information to the attacker, or when a database has been misconfigured, making it searchable on the internet. Exactis exposed 340 million records on a publicly accessible server, including personal information on hundreds of millions of adults.
How is data compromised?
Cybercriminals use these three key methods to breach your data:
1. Losing access to data with ransomware
Ransomware attacks are a common type of data breach. Stolen data or access to a device is held hostage until the victim pays a ransom. Some organizations would rather pay the ransom than place their business on hold.
2. Duplicating or exfiltrating data
Duplicated data can be used to extort money or to expose confidential or proprietary secrets. Perpetrators fall into three categories:
- Hacktivist: A hacker who exposes data to advance a political or socially motivated cause.
- Espionage: Cyber spies who target government computer networks or businesses with sought-after intellectual property.
- Cyber criminals: Hacker groups that profit by stealing data, such as from a business’s point-of-sale system housing credit card and PIN information.
3. Losing trust or backdoor
This type of data breach gained worldwide visibility with the 2016 U.S. presidential elections, when a nation-state-sponsored hacking group placed backdoors on voting systems, swaying the results. The attacks bypassed system security and evaded detection, accessing computer systems or encrypted data. Firewalls that protect data and block unauthorized access are a good start to prevent sophisticated fifth-generation cyberattacks.
Data breaches are getting more targeted
In the second quarter of 2018, 3.15 million patient records were compromised in 142 healthcare data breaches, according to a study by Protenus, Inc. and DataBreaches.net. The researchers discovered that 30 percent of the privacy violations involved repeat offenders, indicating that health systems accumulate risk that compounds over time. Another deliberate and targeted cyberattack struck Singapore’s largest health care group, SingHealth, leaking information of roughly 1.5 million patients. The abundance of attacks on healthcare facilities indicates they’re viewed as “soft targets,” so much so that the same facility can be victimized repeatedly.
By no means is the healthcare industry the only target. With names like Facebook, T-Mobile, Under Armour, MyHeritage, Exactis, Reddit, Aadhaar, Timehop, and Panera joining the ranks of breached companies in 2018, the likelihood that a company you patronize, work for, or partner with will fail to keep your sensitive information safe is a growing reality. But there’s good news. Sophisticated cyberattacks are preventable.
Follow these eight steps to build a security foundation for preventing data breaches.
1. Provide security education and training
To steer clear of ransomware and other malware, your workforce needs to know what these threats are, how they work, and what precautions to take. Getting locked out of devices or files, or having sensitive data stolen, has serious consequences for an organization. A spear phishing crime spree on 300 U.S. universities (and others around the globe) in March of 2018 resulted in the theft of 31 terabytes of data worth US$3 billion in intellectual property. About 8,000 users clicked on malicious links and entered their network login credentials.
2. Enforce strong passwords
A strong password is the first line of defense against intruders and imposters. Users need reminders never to share passwords and not to use a single password across systems. One study evaluated 6.1 million anonymized passwords and found the most dangerous mistake people make is recycling the same password (or making slight changes to it) and using it across numerous websites. Unique, long passwords that mix upper- and lower-case letters, numbers, and special symbols are still the most durable.
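The recycling mistake described above can be caught at the moment a password is changed. The following is an added example, not part of the original paper: a check that rejects a new password when it is a known one with slight changes. The length minimum, substitution table, and edit threshold are assumed policy values, and `known` is assumed to hold only plaintext the user typed at the change prompt (such as the current password).

```python
import re

MIN_LENGTH = 14   # assumed policy value
MAX_EDITS = 2     # assumed: this many edits or fewer counts as "slight changes"
# Look-alike substitutions folded back to letters (constructed table).
LEET = str.maketrans("013457@$", "oleastas")
CLASSES = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")

def normalize(password):
    """Reduce a password to its base word: lower-case it, drop leading and
    trailing digits/symbols, then undo look-alike substitutions."""
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", password.lower())
    return core.translate(LEET) or password.lower()

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_new_password(new, known):
    """Return the list of policy problems; an empty list means accepted."""
    problems = []
    if len(new) < MIN_LENGTH:
        problems.append("too short")
    if not all(re.search(c, new) for c in CLASSES):
        problems.append("missing character class")
    base = normalize(new)
    if any(edit_distance(base, normalize(k)) <= MAX_EDITS for k in known):
        problems.append("variant of existing password")
    return problems

if __name__ == "__main__":
    # Constructed sample inputs.
    print(check_new_password("Summer2019?", ["Summer2018!"]))
    print(check_new_password("P@ssw0rd-P@ssw0rd1", ["Password-Password"]))
    print(check_new_password("Tr0ub4dor&3-horse-Battery", ["Summer2018!"]))
```
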
3. Use safe data transfer
Reduce the ability to transfer data from one device to another in order to decrease the risk of data getting into the wrong hands. Use of secure transmission protocols over a secure channel offers safe data transfers. Malicious users may intercept or monitor plaintext data transmitted across an unencrypted network and gain unauthorized access to data.
4. Screen third-party vendors
Your security is only as good as the weakest link. It’s easy to overlook the trustworthiness of your third-party vendors and consultants. Make sure they’ve enabled the proper security protocols that prevent hackers from accessing their network and then infiltrating yours. An intrusion prevention system (IPS) is a must-have to monitor your network or systems for malicious activities or policy violations.
5. Control hardware access
Regulate employee computers and devices that have access to company data. This can be significantly aided by using encrypted PCs and devices. In any workplace setting, a number of devices can be connected to a server. This requires administrators to control access to systems, monitor and limit resource use, protect files, and perform other important functions to maintain high levels of security.
6. Consider a private cloud
Prevent open access to sensitive data by creating an internal private cloud infrastructure where access is allocated to a select number of users who need the data. IT manages and makes available secure cloud services instrumental to driving specific business needs.
7. Use advanced authentication
Implement password updates and two-step authentication to mitigate the risk of unauthorized access. To reduce the risk of a data breach, you can also limit the websites that can be accessed from work devices, invoke frequent password changes, update security software, and monitor access to data.
8. Update software
Keep software current to prevent gaps in your security. Older software with bugs and exploited holes in its code is vulnerable to attack. Regular software maintenance helps minimize system hacking.
The need to protect your organization from data breaches is crucial. As discussed in this paper, the risks are growing, aided by carelessness, negligence, or criminality. Too often businesses discover their vulnerabilities after a breach has occurred, and they’ve paid the ransoms. To protect your organization, we recommend a comprehensive and uncompromising preventative approach to cyber security. Lay a foundation of proactive measures such as frequent employee training, preventative security controls, and staying current with industry best practices.
Source: Check Point Software Technologies: 8 STEPS TO PREVENT DATA BREACHES IN YOUR ORGANIZATION