How to Prevent a Data Breach
Every company should understand how to prevent a data breach because they’re happening all the time, affecting everyone. Recent events regarding the Colonial Pipeline attack are a wake-up call about the threat of ransomware. But the financial loss, reputational damage, operational downtime, legal action and loss of sensitive data that come with a breach are often avoidable.
The Art of War tells us to ‘know thy enemy,’ and even though those pearls of wisdom are thousands of years old, they’re still valid in our modern world. Safeguarding your data from hackers, malware threats, and countless other attacks is how you prevent a data breach.
So let’s take a look at different cyberattack methods and learn about where enemies may be lying in wait!
What Is a Data Breach?
A data breach is the intentional or unintentional release of secure, private or confidential information to an untrusted environment.
From individuals to high-level enterprises and governments, anyone can be at risk of a data breach. What are a CISO’s two biggest cybersecurity fears? Everyone who works at the company, and everyone who doesn’t! Data breaches happen due to weaknesses in technology and human behavior, so anyone can put your business at risk.
Far too many companies wait until after a security breach has occurred before web security best practices become a priority. If you don’t know how to prevent a data breach, start actively taking precautionary measures to protect yourself. Don’t inadvertently leave critical data in jeopardy.
Data Spills and Leaks vs. Breaches
You may have seen these terms in the news or flooding your social feed. Data spills and data leaks are often used interchangeably. They essentially mean the same thing. Leaks or spills happen internally. They can be accidental, like when an employee unintentionally attaches an incorrect document to an email and sends the message. Or they can be malicious, like when an employee steals intellectual property before resigning and shares it.
A data breach is when outsiders target and extract data from a company or an individual. User data, transaction history and internal information are hot commodities to bad actors. And we’re not talking about Tommy Wiseau in The Room. Bad actors are cybersecurity adversaries interested in attacking information technology systems. They are your enemy.
Types of Data Breaches
A 2020 IBM study found three root causes of data breaches:
- System glitches—including IT and business process failures.
- Human error—including negligent employees or contractors who unintentionally cause a data breach.
- Malicious attacks—caused by hackers or criminal insiders.
Preventing a data breach when software infrastructure isn’t built with security in mind is clear as mud. But any time there’s change at home or in the office, there’s an opportunity for data breaches. Take COVID-19, for example. It forced countless industries to go digital and incorporate remote work fast. The potential for mistakes as companies hastily implemented solutions to survive the pandemic has been prime pickings for cybercriminals.
With technology evolving and employees onboarding and offboarding, cybersecurity is a constantly moving target. But it doesn’t need to be! Today, we’re going to explore some of the biggest cyber threats facing your business. The objective? To help you prevent a data breach from happening.
Malware or Virus
Malware and virus are often used interchangeably. Malware is a broad term for any type of malicious software, regardless of how it works, its intent, or how it’s distributed. A virus is a specific type of malware that self-replicates by inserting its code into other programs. Viruses spread by attaching themselves to legitimate files and programs through infected websites, flash drives, and emails, and they wipe, corrupt, or collect private information.
There are multiple forms of ‘wares’ to be wary of, including ransomware, scareware, adware, spyware, fileless malware and worms. But one you’ve probably heard a million times is the Trojan Horse Virus. Named aptly for the wooden horse used by the Greeks to gain entrance into Troy, this virus deceives you into loading and executing the malware on your devices.
The SolarWinds supply chain attack compromised hundreds of companies because hackers trojanized updates to SolarWinds’ Orion IT monitoring and management software. The 2020 attack continues to unfold, and the long-term impact is unknown.
The Colonial Pipeline ransomware attack is the largest cyberattack on oil infrastructure in US history. It triggered fuel shortages and panic buying throughout the southeastern United States.
In a ransomware attack, an outside actor holds a company’s information for “ransom.” The attackers contact the company after locking it out of its software and threaten the release of sensitive information. Meeting specific demands, usually monetary, regains your access. Regarding Colonial Pipeline, the hacker’s goal was simply to make money.
What’s a hacker’s favorite season? Phishing season! Phishing refers to an attempt to convince a person to take some action by impersonating a trustworthy party. If I were a gambling gal, I’d bet you $10 there’s one waiting in your junk mail right now. Fake emails from eBay, Amazon and banks are standard. Still, you can spot a fake if you check the sender’s email or hover over links to check their credibility.
Distributed Denial of Service (DDoS)
This is malware that blocks internal employees from accessing their own company accounts. DDoS aims to knock a victim offline, and the motivation can be financial, political or even personal. Take October 2016, for example. Users could not reach dozens of popular sites like Twitter, PayPal, CNN, and HBO due to a massive DDoS attack launched against a third party providing various technical services for the affected sites.
My Grandma’s password used to be “incorrect,” so when she forgot it, her computer would tell her, “Your password is incorrect.” She thought she was clever. But as password requirements evolved, thankfully so has her secret sequence of numbers, letters and special characters. There are a lot of ways to go about password guessing. In the approach often called brute force, criminals use automated tools that try all possible passwords until they find the right one. Or they can take more sophisticated approaches using machine learning. This is why passwords have so many requirements, and multi-factor authentication is becoming more prevalent.
While not exclusively related to the digital world, stolen information can be a massive headache. Compromising photos, health-related data, banking information, intellectual property and more may interest hackers. Stolen information can be as old school as stealing a purse or cell phone or as complex as hijacking a company.
DarkSide ransomware is behind Colonial Pipeline’s ransomware attack. The attackers also stole over 100 GB of corporate data, and the group has a history of doubly extorting victims. First, they ask for money to unlock the affected computers and then threaten to leak the stolen data if the victims do not pay more.
It’s too soon to know how DarkSide breached Colonial Pipeline. Still, it could have been any of the items covered in this blog: an old, unpatched vulnerability in a system, a phishing email that successfully fooled an employee, credentials purchased or obtained elsewhere or exposed in a previous leak, or any number of other tactics employed by cybercriminals to infiltrate a company’s network.
How to Prevent a Data Breach
Given that the listed tactics worked well before COVID-19, and given all the chaos companies face internally from constantly pivoting, there’s not much need for attackers to get creative. The good news is that you don’t need to dream up new strategies and tactics to prevent a data breach.
A practical approach to preventing a data breach is to be proactive and defensive.
- Only keep what you need. Don’t store data in readily accessible areas of your company’s web platform for too long.
- Safeguard your data. You can protect data by installing firewalls, using multi-factor authentication, managing access controls, and applying various forms of encryption. And always keep your systems up to date and patched.
- Destroy before disposal. Destroying or purposefully changing data before it is deleted from internal servers sounds like an extra step, but sometimes deleted data is still accessible online.
- Control computer usage. Pay special attention to password protection, anti-virus software, and “time-out” functions, and be sure to block certain websites and services to maintain your security. Also, employee awareness training about usage is priceless.
- Security awareness training for employees. How you train your employees will largely determine their effectiveness and adherence to company policies. Earlier in 2021, workers across the USA received an email offering $500 to individuals who shared their workplace login credentials. Generally speaking, employees don’t have blanket authorization to share or do what they wish with their corporate login credentials for past or current jobs. Regular employee training regarding phishing and InfoSec best practices is never a waste of time.
- Partner with a security provider to help with all the above. With their guidance, you can implement an existing framework like SOC 2, ISO 27001, or a combination of InfoSec best practices and frameworks. This overview does not cover every precaution, so working with an expert is the best way to stay on top of changes, trends, and threats.