DATA breaches can be far more than a temporary terror – they may change the course of your life. Businesses, governments and individuals alike can experience huge complications from having sensitive information exposed. Whether you are offline or online, hackers can get to you through the internet, Bluetooth, text messages or the online services that you use.
A small vulnerability can cause a massive data breach if proper attention to detail is not given.
What is data breach?
Exposing confidential, sensitive or protected information to an unauthorised person. The files in a data breach are viewed and/or shared without permission. Anyone can be at risk – from individuals to high-level enterprises and governments. More importantly, anyone can put others at risk if they are not protected.
In general, a data breach can happen due to weaknesses in technology and user behaviour. As our computers and mobile devices get more connective features, there are more places for data to slip through. New technologies are being created faster than we can protect them.
Devices in the Internet of Things sector are proof that we are increasingly valuing convenience over security. Many “smart home” products have gaping flaws, like lack of encryption, from which hackers are taking advantage. Since new digital products, services and tools are being used with minimal security testing, we will continue to see this problem growing.
However, even if the backend technology was set up perfectly, some users will likely still have poor digital habits. All it takes is one person to compromise a website or network. Without a comprehensive security, you are almost guaranteed to be at risk.
How can it occur?
The assumption is that a data breach is caused by an outside hacker, but that is not always true. Reasons for how a data breach happens may sometimes be traced back to intentional attacks. However, it can just as easily result from a simple oversight by individuals or flaws in a company’s infrastructure.
-> Accidental insider: An employee using a co-worker’s computer and reading files without having the proper authorisation permissions. The access is unintentional, and no information is shared. However, because it was viewed by an unauthorised person, the data is considered breached.
-> Malicious insider: This person purposely accesses and/or shares data with the intent of causing harm to an individual or company. The malicious insider may have legitimate authorisation to use the data, but there is intent to use the information in nefarious ways.
-> Lost or stolen devices: An unencrypted and unlocked laptop or external hard drive, anything that contains sensitive information, goes missing.
-> Outside criminals: Hackers who use various attack vectors to gather information from a network or an individual.
Malicious methods used
Popular methods used by hackers: Phishing, brute force attacks and malware.
Phishing: These social engineering attacks are designed to fool you into causing a data breach. Phishing attackers pose as people or organisations you trust to easily deceive you. They try to coax you into handing over access to sensitive data or provide the data itself.
Brute force attacks: Hackers may enlist software tools to guess your passwords. Brute force attacks work through all the possibilities for your password until they guess correctly. These attacks take some time but have become rapid as computer speeds continue to improve. Hackers even hijack other devices via malware infections to speed up the process. If your password is weak, it may only take a few seconds to crack it.
Malware: Your device’s operating system, software, hardware or the network and servers you are connected to can have security flaws. These gaps in protection are sought out by criminals as the perfect place to shove malware into. Spyware, specifically, is ideal for stealing private data while being completely undetected. You may not find this infection until it is too late.
Targetted data breach
Although a data breach can be the result of an innocent mistake, real damage is possible if a person with unauthorised access steals and sells Personally Identifiable Information (PII) or corporate intellectual data for financial gain or to cause harm.
Malicious criminals tend to follow a basic pattern: Targetting an organisation for a breach takes planning. They research their victims to learn where the vulnerabilities are, such as missing or failed updates and employee susceptibility to phishing campaigns.
Hackers learn a target’s weak points, then develop a campaign to get insiders to mistakenly download malware. Sometimes they go after the network directly. Once inside, they search for the data they want, and have lots of time to do it, as the average breach takes more than five months to detect.
-> Weak credentials. The vast majority of data breaches are caused by stolen or weak credentials. If malicious criminals have your username and password combination, they have an open door into your network. Because most people reuse passwords, cybercriminals can use brute force attacks to gain entrance to email, websites, bank accounts and other sources of PII or financial information.
-> Stolen credentials. Breaches caused by phishing are a major security issue, and if cybercriminals get hold of this personal information, they can use it to access your bank and online accounts.
-> Compromised assets. Various malware attacks are used to negate regular authentication steps that would normally protect a computer.
-> Payment card fraud. Card skimmers attached to gas pumps or ATMs steal data whenever a card is swiped.
-> Third-party access. Although you may do everything possible to keep your network and data secure, malicious criminals can use third-party vendors to make their way into your system.
-> Mobile Devices. When employees are allowed to bring their own (BYOD) devices into the workplace, it is easy for unsecured devices to download malware-laden apps that give hackers the data stored on the device. That often includes work email and files as well as the owner’s PII.
Damage from data leak
In many cases, data breaches cannot just be patched up with some password changes. The effects can be a lasting issue for your reputation, finances and more.
On business organisations: The breach can have a devastating effect on an organisation’s reputation and financial bottom line. Many people associate/remember the companies for the data breach incident, rather than their actual business operations.
On government organisations: Compromised data can mean exposing highly confidential information to foreign parties. Military operations, political dealings and details on essential national infrastructure can pose a major threat to a government and its citizens.
On individuals: Identity theft is a major threat to data breach victims. Data leaks can reveal everything from social security numbers to banking information. Once a criminal has these details, they can engage in all types of fraud under your name. Theft of your identity can ruin your credit, pin you with legal issues, and it is difficult to fight against.
While these are common cases, the harm done by data breach can extend far beyond these situations. It is essential that you investigate whether your data has already been exposed. You may want more comprehensive monitoring to know in r eal-time if your data has leaked. Products like Kaspersky Security Cloud offer data leak detection and help you navigate the situation.
The best way to protect yourself is to avoid being a victim in the first place. No security plan is perfect, but there are ways you can defend yourself, whether you are an individual or an enterprise.
How to prevent being a victim
Data breach prevention needs to include everyone at all levels, from end-users to IT personnel, and all people in between. Security is only as strong as the weakest link. Every person that interacts with a system can be a potential vulnerability. Even small children with a tablet on your home network can be a risk. Best practices to avoid data breach:
-> Patching and updating software as soon as options are available;
-> High-grade encryption for sensitive data;
-> Upgrading devices when the software is no longer supported by the manufacturer;
-> Enforcing BYOD security policies, like requiring all devices to use a business-grade VPN service and antivirus protection;
-> Enforcing strong credentials and multifactor authentication to encourage better user cybersecurity practices. Encouraging users to start using a password manager.
-> Educating employees on best security practices and ways to avoid socially engineered attacks.
George Matthews, Principal Data Privacy and Security Xompliance Analyst/Data protection Officer, NT Business Consulting and Training. Comments: email@example.com