[BreachExchange] Anatomy of a Data Breach: How Cybercriminals Get In

Audrey McNeil audrey at riskbasedsecurity.com
Tue Apr 5 18:18:45 EDT 2016


http://inhomelandsecurity.com/anatomy-of-a-data-breach-how-cybercriminals-get-in/

Most professionals don’t have to worry about thieves arriving and stealing
everything that isn’t nailed down the floor. There are still security
concerns, of course, but most of them now revolve around cybercrime and the
potential disaster of a data breach. These fears are well founded, as
cybercrime amounts to billions of dollars lost each year. In addition to
the monetary concerns are the costs of bad press for your business and even
legal issues in the event customer data is leaked.

Data breaches don’t come out of thin air. They are usually the result of a
significant vulnerability in your cybersecurity strategy. They are usually
preventable. If you understand how they happen in the first place and some
of the potential defenses you can use, you can prepare your business and
likely avoid a data breach entirely.

Here are some of the main ways in which a hacker can infiltrate your
business in order to cause a data breach:

Human Error and Social Engineering

Business owners and decision makers don’t need to worry about the integrity
of their systems as much as they should worry about the human factor in
cybersecurity. People are much harder to perfect than machines, and as
such, it is generally a good idea to have a clear set of guidelines on how
employees should handle technology and cybersecurity measures. Scammers
will often have an advantage over employees and human error can lead to a
data breach in the following ways:

- Poor passwords and inadequate verification measures allow for hackers to
either easily guess login information or use the same login information for
multiple accounts should it get out. This quickly and easily leads to a
data breach through cloud services or email access.
- Phishing scams are still used because they’re still effective. Businesses
should take time to train employees on how to recognize common phishing
scams. Note that a hacked co-worker’s account could be asking for sensitive
information and the victim might not even realize it.
- Employees will often not follow proper procedures in terms of access or
data management. Measures and guidelines are there for a reason, and lax
treatment of those guidelines often leads to a mistake in which a scammer
or hacker can slip in and out with your business’ data.

Remote Vulnerabilities or Service Failure

A business will often take great lengths to protect the office and office
equipment yet forget that employees and tools are not always at the office.
Some things are out of the direct hands of your business, and that means
taking extra precautions in the event that outside services fail. Technical
and online services need to be picked out carefully. A hacker won’t try to
take down Dropbox just to get to your business’ files, but you can be sure
that they will be happy to take your data along with the rest of their
spoils.

Remote and traveling employees will also need to watch out for data
interception on public networks. Hackers will often have a setup using a
“sniffer” program that allows them to catch everything being transmitted
over the network. This can include account information and private business
correspondence, which quickly leads to a data breach. To counter this, most
businesses will equip remote employees with a trusted Virtual Private
Network in order to encrypt information on whatever network they’re using.

Whatever the needs of your business are, make sure that you are using
trusted services and that everyone relevant knows how to use them safely
and securely. Don’t be afraid to invest, and don’t be afraid to spend time
researching what the best options are.

Employee Corruption or Misuse of Technology

Fortunately, most companies don’t have to worry about the problem of
malevolent employees as much as they do incompetent employees. That being
said, an overabundance of access can easily lead to a data breach. You
don’t want to go on a hunt inside company walls whenever there is a
security problem. Corporate espionage is real, but it requires a balanced
reaction so as to not create an environment of mistrust in the office. A
data leak can happen with just a flash drive and a motive, so make sure
that your business only employs trustworthy people.

Another situation that can result in a data breach is misuse of programs or
technology. This can simply be taking home files that should be kept safely
in the office, or it could be trying to hack software that shouldn’t be
touched within the workplace. Employees rarely know everything they are
doing when it comes to cybersecurity, so businesses need to take decisive
action whenever sensitive data is put at risk by employee negligence or
greed.

There Are Always Concerns for the Future

You need to stay aware that there are other vulnerabilities on the way that
could affect your business down the line. As security efforts get more
sophisticated and effective, cybercriminals will continually seek ways to
gain the upper hand. They might start using newly developed tools to create
a vulnerability or develop a new but effective scam to trick your
employees. The most important thing to do is to have a close eye on the
online environment in order to meet any unforeseen threats on a daily basis.

Do you have any additional ideas on how to improve your business’
cybersecurity efforts? Do you have any particular concerns that you think
the world should know about in addition to the ones above? Please leave a
comment below and share this with your boss and colleagues so that they can
better prepare for a potential cyber attack.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160405/2c943afe/attachment.html>


More information about the BreachExchange mailing list