Organizations are increasingly concerned about the loss or theft of electronic information, known as a data breach. A data breach is the unintentional release of secure electronic information through loss, theft, or unauthorized intrusion, either from within the organization or from external sources such as hackers. Typically, hackers are those who exploit security weaknesses in computer systems or networks to gain unauthorized access to information, cause mischief, or make changes to files, settings, or systems.
Data breaches that result from unauthorized access by individuals within an organization have also become more common. These types of breaches, or data leaks, are commonly called insider threats. Insiders pose a unique challenge because they know how systems are configured, how to defeat these systems, and how to cover up any evidence. In addition, data can be lost or stolen over a network or system or lost via a desktop computer, laptop, mobile device, storage device, chip, disk, or anything that can store or transmit data. As devices get smaller and continue to hold more and more data, it becomes easier to simply walk one of these devices out of a secure environment.
During the last several years, data breaches have become more frequent, more severe, and more costly. Meanwhile, hackers have become increasingly sophisticated in their methods of attack, whether through state-sponsored cyberattacks (that is, hacking backed by a country or government), corporate espionage, or groups of hacker networks, like one called Anonymous.
Global hackers have launched an assault on corporate and government systems in search of valuable information, such as credit card numbers, trade secrets, personal information, state secrets, digital products, blackmail material, and other data.
The following is an overview of some of the more infamous cyberattacks in recent years.
Mirai, 2016: Mirai was a botnet attack in 2016 that brought down thousands of websites and Microsoft gaming servers. It was launched as a result of fighting between different hacker groups. Later, Mirai attacked the site of prominent cybersecurity journalist Brian Krebs and a DNS-hosting company called Dyn. The attack targeted insecure routers, DVRs, CCTV cameras, and other smart Internet of Things (IoT) devices.
WannaCry, 2017: Ransomware attacks reached a new level when the WannaCry cryptoworm began targeting Windows systems and encrypting data. The malware included backdoors and the ability to find and infect vulnerable systems. Various companies, hospitals, and governments were affected, with damages estimated in the billions of dollars.
NotPetya, 2017: A class of encrypting malware, Petya was modified into NotPetya, which was even more destructive. It didn’t just encrypt files permanently but wiped out data of its primary targets in Ukraine. It then spread worldwide, causing up to $10 billion in damages to companies, hospitals, and governments.
Target, 2013: Just as the 2013 holiday season was reaching its peak, retailer Target announced that it had suffered one of the largest data breaches in corporate history. Hackers stole 40 million credit card numbers and the personal data of as many as 70 million customers and associates. The retailer later said in financial filings that the breach cost $252 million as of the 4th quarter of 2014.
Home Depot, 2014: In September 2014, hackers infiltrated the networks of home improvement retailer Home Depot and stole information on as many as 56 million credit and debit cards. Attackers installed malware that looked like anti-virus software on point-of-sale systems at stores in the U.S. and Canada; the malware collected information as it was scanned. In a February 2015 filing, the retailer said the cost of the breach to date was $63 million.
Common Types of Attacks
Efforts at understanding the full scope of the security problems modern organizations face are well underway. In Verizon’s 2019 Data Breach Investigations Report, there were 41,686 reported security incidents, with 2,013 confirmed data breaches. The top threats from 2018 were included in this report and are listed below.
|The top types of threat actions used in cyber breaches in 2018:|
|---|
|Use of stolen credentials|
|Command and Control (C2)|
|Use of backdoor or C2|
|Capture app data|
To successfully guard against cyberattacks, an organization needs to make all managers and employees aware of the potential dangers and the necessary defensive principles. It must also have a sufficient number of information security professionals who can offer specialized help.
Test your understanding of the content presented in this assignment.
1. True or False?
The cost for organizations to store electronic information has been rising over the past few years.
Correct. This is a false statement. The cost to store electronic information has declined rapidly over the last several years, partly influencing a massive boom in the volume of stored data.
2. True or False?
The accidental loss of a disk containing health information of hospital patients could be considered a data breach.
Correct. This is a true statement. Any loss of secure information, even if it is accidental, can be considered a data breach and should trigger the proper response.