The increased number of targeted attacks and hack attempts on businesses should no longer be troubling. What is troubling, though, are the troves of data breaches and the number of successful attacks that could easily have been prevented.
Last month CNN reported the exposure of phone numbers, names and PIN codes of six million Verizon customers on an insecure cloud server. The information was posted online for nine days. UpGuard, a security firm, found the leak on a server owned by a third-party Verizon vendor.
UpGuard also found voter data of almost 200 million Americans left on an unsecured Amazon web server by a firm contracted by the RNC. The 1.1 TB of data included names, dates of birth, home addresses, phone numbers, voter registration details and ‘modelled’ ethnicities and religions.
In April, Edmodo, a website intended as a way for “educators to connect and collaborate with students, parents, and each other”, had 78 million user account details stolen by hackers. Usernames, email addresses, and passwords were taken from the service and were being sold on the dark web for around $1,000.
In May, the worldwide WannaCry ransomware cyberattack infected over 300,000 computers across 150 countries. The attack hit National Health Service hospitals in the UK, affecting computers, radiology scanners, blood-storage refrigerators, and surgical devices. As a result, by mid-June, payments totaling over $130,000 (51.62 XBT – bitcoin) had been made.
IBM’s 2017 Threat Intelligence Index, which comprises data from over 8,000 monitored client devices in over 100 countries, found that leaked records were more than double those of 2014 and 2015 combined.
Hackers are getting smarter with their hacked data too. Since users use the same email addresses and passwords for multiple sites, hackers simply deployed, through brute force, 100 million combinations previously harvested and captured more than 20 million new records.
According to IBM’s report, there were four times more spam attacks in 2016 than in 2015. There was also an astonishing increase in malicious attachments to that spam, with ransomware accounting for 85% of the malicious spam attachments. Email remains a primary tool in the attacker’s toolkit, reinforcing the pervasiveness of malware for inadvertent insider attacks.
Insiders are anyone who has access to a company’s computer systems, either onsite or remotely. These can be employees, vendors, or business partners. Inadvertent actors are insiders who are not acting with criminal intent. Often they fall prey to phishing scams, open a malware-laden email attachment, or are lured into clicking a malicious web link, either through malvertising (malware in web ads) or by downloading and installing software updates from what appear to be legitimate sites.
Exploiting vulnerabilities is often the hackers’ method of choice. In 2016 there were over 10,197 vulnerabilities discovered. Database vulnerabilities, stemming from a lack of IT personnel securing the databases or from the use of weak programming and data structures, accounted for over 76% of all direct attacks.
What industries are most targeted?
Financial institution attacks moved from third place in 2015 to first. Database attacks accounted for 50% of all attacks on the financial sector. Successful exploitation of database vulnerabilities gives attackers the ability to read, modify and destroy sensitive data kept within the databases of financial institutions.
Information and Communications Technology, comprising audio-visual (television and radio), telephone networks (cellular and landline), and computer networks (ISPs, email providers), made it to the top of the list for the first time as the second most targeted industry. Database attacks were the most predominant, accounting for more than 51% of the attacks, followed by brute force combination attacks using reused user email/password combinations from previous data breaches.
Manufacturing came in third, with 71% of the attacks against databases. This industry is an easy target, as many systems within the sector are weak by design because they are not held to compliance standards.
Retail remains at risk, as the prize brings wealth through credit card or gift card data and personal information. Retailers maintain an extremely large number of financial records and other personal information such as credit card and Social Security numbers. Database vulnerability attacks accounted for 50% of retail sector attacks.
Healthcare has moved from the top spot to fifth for hack attacks and breaches. 48% of the attacks were database vulnerability attacks and 28% of the attacks were brute force. Healthcare records are always a top prize for cybercriminals and, as with the retail sector, are widely for sale on the dark web.
So what can you do?
Develop a culture of security. Turn your employees into security assets instead of security liabilities. Make them aware of just how serious and costly breaches are and how their knowledge and vigilance could cut down on 60% of all breaches.
Develop a proactive security plan. In most cases this can be accomplished by using technology to protect your organization from outside threats as well as those from the inside.
Assess what may already have been or can be breached. Perform security monitoring and penetration testing from both the outside and the inside of your network.
Find a business partner for your IT needs. Today’s IT Managed Service Providers must be proactive in their ability to assess and prevent new threats. Innovative and systematic approaches to security are necessary. Very few IT companies are able to meet those requirements on their own.