What Security Teams Must Learn From 6 Major Recent Data Breaches
An analysis of 235 data breaches in the last few years by IBM X-Force is an eye-opener of sorts for IT and security teams working to protect enterprise data. These include data breaches due to patching failures and phishing attacks, breaches resulting from misconfigured cloud servers, hijacked thingbots, and attacks targeting cryptocurrency, the last two being relatively new and growing trends.
Here are some of these data breaches in detail with mitigation tips that should now be standard security protocol in organizations, both large and small.
Devices Under Attack from Bots of “Things”
November 2016 witnessed the Mirai botnet turn thousands of connected DVR devices and cameras into distributed denial-of-service (DDoS) bots, which was followed by another attack later in 2017. Compromises of this sort let individuals launch catastrophic attacks by remotely commandeering a large number of devices.
We are all aware of WannaCry, the malware outbreak that dumped ransomware onto vulnerable Windows endpoints at internet service providers, hospitals and other targets in May 2017. Similarly, zero-day attacks exploit vulnerabilities in a system for which no patches exist. Failure to patch vulnerabilities exposes multiple endpoints, and individuals can leverage this weakness to create global chaos.
Cloud Service Misconfiguration
Organizations use cloud services to store corporate data, user data records and other information. For enterprises, data is an invaluable asset, so companies pay handsomely to keep it private. But misconfiguration, user error, and insiders with malicious intent can all expose that data. We witnessed such a case when a misconfigured Amazon S3 database had a massive leak, affecting 123 million Americans.
Cyber extortion involves stealing digital data and forcing the owner to pay a considerable sum of money. In April 2017, new episodes of a popular show were stolen from a video streaming service, and the individuals demanded a considerable amount of money in exchange for returning the episodes and not leaking them on the internet. This is one of the most popular data breach trends in recent times.
Phishing refers to an individual disguising their identity to gain access to sensitive, confidential employee information such as passwords, credit card details, usernames and the like. It is a more lucrative and efficient tactic for malicious individuals, as they no longer have to resort to extortion and can simply ask for the money or information in a certain way.
The value of cryptocurrencies such as bitcoins is always on the rise, and this is probably why they are prime targets in the present scenario. Crypto-coin thefts that happened in the past have greater significance today due to the exponential increase in their value. 2016 witnessed a heist of 119,756 BTC from a Hong Kong bitcoin exchange. At that time it had a value of $77 million, but now it is valued at over $1.5 billion. Criminals target end users, leverage malware techniques to change payment addresses, and steal cryptocurrencies worth billions.