Know Your Enemy: The 5 Different Types of Data Breach

Data breach, the bane of many security experts. Anybody can fall victim to a data breach at any time. The damage is usually extensive and expensive if not utterly debilitating. Breaches are a cancer that never knows remission and a significant cause of concern in the connected world of today. What is a data breach to begin with? Well, you need to know your enemy, and there are about five different types of data breach.

Here is a quick and straightforward analogy. If a burglar picks your lock or breaks your window and enters your house, that is a security breach. If the burglar steals your documents and personal information and then leaves, that is a data breach.

According to an article on Wikipedia, “A data breach is a security incident in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so.” A friend might steal a couple of your randy pictures to expose or prank you on Facebook; data breaches usually happen on a colossal scale involving millions if not billions of records. Big companies (you know, the kind you’d never imagine would fall victim) such as Yahoo, and Equifax among others aren’t safe either. When you think of it, attackers seem to love big and blue-chip companies because of the more significant the impact, the fatter the paycheck.

The stolen information is then used to commit credit card fraud, identity theft, and a host of other heinous crimes. Some attackers will even sell the information in bulk on the dark web, giving even more bad guys the chance to commit abhorrent atrocities ranging from espionage to blackmail and the list goes on. Data breaches are a severe problem that mandates organizations to prepare beforehand.

The first step in preparing is awareness about the 5 different types of data breach. If you know how the enemy operates, you can put countermeasures in place.

For each of the five types of data breach, you’ll learn a couple of preventative measures so that you can bolster the security of your systems. Keep in mind that attackers hardly rest, so don’t you sleep either. Keep learning and implementing the best security practices and stay ahead of the bad guys. Always remember to share your concerns about security and give each other the best security tips you hear about.

5 Different Types of Data Breach 2019

This list of data breaches is in no particular order, but they are all serious areas of concern for any organization or person looking to stay safe from data breach.

Physical Theft

Who has ever watched the Mission: Impossible film that was released in 1996? If you haven’t seen it — find it and watch it. For those who watched the film, I think you’ll agree when I say: We should laud the director, Brian De Palma, for that one famous scene where Ethan Hunt (Tom Cruise) rappels from the vent of an incredibly secure CIA vault to steal the NOC list that contained the real names of agents in the field.

THAT PEOPLE is a classic example of data breach by physical theft, but we celebrated Tom Cruise for the act. In the real world, things might not be as dramatic, but data breach by physical theft is very much a reality for many organizations. It could be as simple as someone plugging a USB drive into a server containing sensitive and business-critical information, or as brazen as someone carrying a hard disk out of your business premises. If anybody can walk out of your premises with sensitive business data, you’re in deeper trouble than you would like to admit.

Leaving confidential documents in plain sight or disposing of sensitive information improperly (yes, a determined data thief won’t have qualms about going through your trash) can also expose you to a data breach. It’s the main reason vaults (but clearly not that CIA vault in Ethan’s case), shredders and furnaces were invented – to protect and get rid of sensitive information that mustn’t fall into the wrong hands.

To protect your organization from physical theft of data, implement stringent security protocols that ensure only authorized people have access to privileged and sensitive data. Have you ever heard of chit-key vaults and safe deposit boxes? Well, you might need to school yourself up on such secure storage options if you’d like to keep physical data breaches at bay.

What about your prized server room? We recommend you invest in military-grade security, laser sensors, motion detectors, sentry guns, the Death Star, the Infinity Gauntlet; whatever works for you – just ensure you leave nothing to chance. Pardon all the movie references, but we all know what happens when hackers release nude pictures of female celebrities and media files that were meant to stay private. The fallout if often nasty and people lose face and jobs, but I digress.

Cyber Attack

Cyberattack is one of the most prevalent forms of data breach since the attacker needn’t be physically present on your business premises to steal your data. All a cyber attacker needs is a computer with internet access and a couple of hacking tools to grab your data without your knowledge.

Data breach by cyber-attacks can go on for months or even years without anyone noticing, especially if the hacker did his/her job well. Often, the intrusion is discovered when the damage has already been done, i.e., after the data breach has taken place.

But how does a criminal hacker on the other side of the globe gain access to your system? The attackers rarely reinvent the wheel unless they have to. They use old hacking methods that are known to work. If they devise a new tactic, it’s mostly a combination of old tactics meant to exploit vulnerabilities in your system.

Common mechanisms hackers use to break into your systems include malware, keyloggers, fictitious websites, trojans, backdoors, and viruses, among others. Usually, they trick users into clicking and as a result, install malicious programs on the system, which is how they mainly gain access to your data. Others will intercept the information you send and receive over an unsecured network in what is commonly known as the man-in-the-middle (MitM) attack.

An attacker may dupe an unsuspecting staff member to steal login credentials. The attacker then uses the login credentials to login to the staffer’s computer, from where they launch a lateral attack on the rest of your system. Before long, the attacker has access to restricted areas of your network, and BAM – your data is gone, lost or rendered useless.

With criminal cyberattacks making up over 48% of data breaches according to the Cost of Data Breach Study by IBM, how do you protect yourself from cybercriminals looking to harvest your data? Preventative measures to keep cyber attackers at bay include:

• Encourage staffers to use strong and unique passwords. Never use the same password for different accounts. If you can’t remember many different passwords, considering investing in a password manager such as LastPass and Cyclonis, among others. And please, never ever use “123456,” “password,” “admin” and such easy-to-guess passwords
• Invest in a state of the art VPN to secure your network. A VPN encrypts your data such that it’s unreadable even if attackers manage to steal it
• Redesign your tech infrastructure with a security-first approach in mind
• Enable two-factor authentication to protect your servers and other storage devices containing sensitive data
• Use an antivirus and firewalls
• Update your software to seal security holes and improve functionality. Best is to keep your software updated at all times

To learn more about protecting your organization and yourself against cybercrime, here is a list of relevant posts for further study.

• 6 Emerging Cyber Threats to Lookout for in 2019.
• How IoT has Exposed Business Organizations to Cyber Attacks.
• 11 Ways to Help Protect Yourself Against Cyber Crime.

Employee Negligence aka Human Error

Have you ever sent out an email blast and be like “No, No, No, No, Nooo!” Yeah, most of us have been there, and it’s one of the worst feelings ever – especially if you send confidential or sensitive information to the wrong recipients. Or what happens when you send the wrong attachment to the right recipient? That photo you mean to send to your significant other?

Both scenarios constitute data breach, and when it happens in an organization, it can cause unprecedented chaos and unrest. But perhaps the above examples don’t cut it for you, so here is a fun fact. Did you know networked backup incidents and misconfigured cloud servers caused by employee negligence exposed over 2 billion records in 2017? According to the 2018, IBM X-Force Threat Intelligence Index published on itweb.co.za.

The point is to err is human; we all make mistakes, and it’s inevitable. But mistakes that could take your company off the pivot can’t be taken lightly or for granted. To mitigate this type of data breach, you must educate your employees on the essential elements of information security, and what will happen if they aren’t vigilant when performing their duties. It might sound like a weak point, but a little training could go a long way in combating data breach due to employee negligence.

On top of that, educate non-technical staff members on data security awareness procedures and policies. At the end of the day, you should embrace a zero-tolerance policy to data breaches that result from employee negligence. Inform your employees on the importance of keeping data safe and the repercussions should the unthinkable happen.

Insider Threat

While most organizations focus on mitigating external threat factors, insiders pose a more significant threat than you’d typically imagine. According to an Insider Threat study by CA Technologies and Cybersecurity Insiders, 53% of organizations faced insider attacks, with the main enabling factors being:

• Many users have excessive access privileges
• An increased number of devices with access to sensitive data
• The increasing complexity of information technology

From the same source, 90% of organizations feel vulnerable to insider attacks, and 86% of organization already have or are building insider threat programs. According to IBM Insider Threat Detection, insider threats account for 60% of cyber attacks. Wow, just wow – quite the staggering figure if I must point out the obvious, which also means you must be extra vigilant or one of your employees will drive a steel stake through the heart of your organization.

Data breaches resulting from insider threats are quite common nowadays, and extremely difficult to detect. Network protectors can quickly combat malicious outsiders, but the job becomes harder when threats come from trusted and authorized users within the organization.

The job becomes 10 times more challenging since there are different types of insider threats, namely:

• Disgruntled employees – This category of criminal insiders commit deliberate sabotage or steal intellectual property for monetary gain. It’s common for employees to steal information before and after quitting or being fired. Some harmful elements sell trade secrets to competitors, but others want to take down the enterprise.
• Nonresponders – Some employees never respond to security awareness training, no matter the resources you invest. These are the people who usually fall prey to phishing scams repeatedly because, well, you can stick your security awareness training up your (you know where).
• Insider collusion – Professional cybercriminals will go to great lengths to steal your data. They scout the dark web looking to recruit your employees. If one of your employees collaborates with a malicious attacker, you will have a severe security and data breach, and you don’t need a rocket scientist to tell you that. In some cases, an employee may even cooperate with another employee in the same organization, exposing you to all types of cybersecurity problems. If you need a little prodding in the right direction, just think how insider collusion can expose your enterprise to fraud, intellectual property theft, and plain old sabotage.
• Inadvertent insiders – Ignorance is not bliss as far as cybersecurity goes. Negligence on your employees part invites all manner of trouble since attackers are savvy to vulnerabilities that inadvertent insiders cause. Negligent staff members expose your organization to malware, phishing, and man-in-the-middle (MitM) attacks, among other forms of attack. Attackers may take advantage of negligence in your organization to exploit misconfigured servers, unsecured/unmonitored microsites, and so on.
• Persistent malicious insiders – Criminal “second streamers,” i.e., employees seeking supplemental income maliciously, won’t protect your data. Instead, they will commit a slew of malicious acts such as exfiltrating data for financial gains. And this category of people will remain undetected for long periods to maximize the benefits of data theft. And since they are aware of network monitoring tools, they will steal data slowly instead of committing data theft in bulk. As such, they can operate under the radar for months or years.

How do you prevent data breach caused by insiders? How do you protect your data when the threat comes from the same people you trust. To protect your data from insider threat, you need to implement measures such as endpoint and mobile security, Data Loss Prevention (DLP), data encryption at rest, in motion and use as well as Identity and Access Management (IAM). You can even adopt behavioral analysis and reduce vulnerabilities. These measures will combat, among other things, unauthorized access, negligence, and data loss in case of a breach.

Ransomware

What comes to mind when you see the word RANSOMWARE? WannaCry? $700,000 of losses? Laws? The HIPAA perhaps? CryptoWall? CryptoLocker? Ransomware can constitute a data breach depending on the malware that attacks your systems. Other factors such as the type of data stolen, the current status of said data and – again – laws. Anybody who puts your data at risk of loss has committed data breach to some extent. If some hacker somewhere holds your data hostage, your organization will surely experience losses in all fronts. And you determinedly would instead carry on as usual – plus money doesn’t just grow on trees.

The attacker who hijacks your data has demonstrated that they can steal or destroy your data at will.

Clearly, they are talented, and ransomware comes in a million shades of nasty. Could take over your system right this minute considering there are more than 4,000 ransomware attacks per day according to the Federal Bureau of Investigation (FBI). It’s one of the reasons the US government has a $15 billion budget for cybersecurity. The majority of attackers use ransomware to cover their tracks. Just think about it for a minute. Some guy breaks into your system steals your data, and if that isn’t enough, holds your data hostage for profit as they cover a data breach.

Ransomware ruins your reputation. It takes blood, sweat, and tears to build a name, so say “no” to ransomware.

You can avoid ransomware of you’re cautious enough. Plus, you can always ramp up your defenses. And please install a powerful antivirus program (my favorite is Eset Nod32), and ensure you activate web file protection and firewalls to combat malware-laden emails and messages that pass spam filters. Additionally, invest in a clever backup plan so that you can simply wipe the drives to eliminate ransomware, and then restore backups. That way, you can beat ransomware attackers at their own game, instead of paying a ransom.

Final Words

Security goes beyond mere awareness, so don’t take data breach sitting down. You can effectively protect yourself, and if the worst happens, rise from the ashes stronger than before.  Keep learning and implementing the best security policies and procedures to protect your business against the various forms of data and security breaches. Keep the conversation going until you have everything you need to safeguard yourself and your organization against all five of the data breach of types.

The post Know Your Enemy: The 5 Different Types of Data Breach appeared first on ReadWrite.