News of the latest data breach frequently makes the headlines, and it appears the digital world will continue to have to reckon with hacking and data theft on a regular and increasing basis. Data breaches have been happening under many different guises since personal records became commonplace. Whereas in the past, criminals would walk off with briefcases full of stolen files, today, it’s the hacking community stealing countless amounts of data from big business.
Data breaches are a severe, globally relevant problem affecting businesses and government institutions. As a result, cybersecurity professionals are scrutinizing the security posture of modern businesses and organizations more closely. Moreover, as almost all companies rely heavily on IT systems to power innovation, the likelihood of a data breach grows daily.
However, it’s not all doom and gloom, and businesses are fighting back with robust and stringent cybersecurity initiatives to minimize the risk of a data breach. Cybersecurity is taken seriously across the entire industry. Leaders are becoming wise to the serious threat that cybersecurity incidents pose to business operations and company reputation, not to mention the financial losses brought about by a successful data breach.
A Brief History of Data Breaches
The severity and impact of data breaches have become more significant in recent years, and the number of data breaches appears to be on the increase. We have curated our top 5 high-profile data breaches, which impacted people’s lives, disrupted everyday business, and damaged the reputations of the companies involved.
- Yahoo! Data Breach (2013-2016) – 3 Billion Users Affected – This is still the largest ever recorded data breach in history and was triggered by the spear-phishing of an employee. It cost Yahoo! nearly $120 million in compensation.
- Target Stores (2013) – 110 Million Payment Cards Or Contact Info – This major breach of a U.S. retailer involved the theft of 40 million debit and credit card numbers.
- First American Financial Corp (2019) – 885 Million records – This real estate insurance broker’s website leaked bank account numbers and statements, mortgage and tax documents, wire transaction receipts, Social Security numbers, and driver’s license images dating back to 2003.
- Equifax Data Breach (2017) – 605 Million Records – This breach resulted in hugely sensitive data being leaked, including names, dates of birth, Social Security numbers, addresses, genders, phone numbers, driver’s license numbers, email addresses, taxpayer IDs, driver’s licenses, and passport photos.
- Facebook (2019) – 540 Million Records – Facebook exposed millions of user records (about 146GB) because of an unsecured AWS S3 Bucket.
These five data breaches are arguably among the most severe on record. For more, check out the compilation list of data breaches on Wikipedia, which goes into great detail about known data breaches. There is a staggering amount of data available.
Reasons for Data Breaches
Data breaches are estimated to cost the world around $10.5 Trillion annually by 2025. Although massive breaches like those experienced by Yahoo!, Facebook, and Equifax are less likely, attacks are becoming more targeted, with hackers hunting for specific data or specific victims. But why do companies get hacked? Here are some of the reasons why they fall afoul of data breaches.
- Poor Security – The main reasons businesses get hacked are poor security and the weak implementation of security practices. Using weak passwords on publicly accessible resources such as a cloud server allows hackers to compromise your system in no time. Other reasons include no security training, out-of-date antivirus software, and having a business culture that does not promote security best practices.
- Ransomware – This type of malware is reaching epidemic status. It’s the number one go-to for hackers because of the relatively high success rate in extorting money from the victim. Hackers access compromised systems via a successful phishing campaign or social engineering. Once inside the network, files are encrypted and a ransom demand is made.
- Zero-Day Vulnerabilities – Applications are inherently vulnerable, and zero-day exploits are always a concern. This type of exploit occurs when the hacker identifies the vulnerability before anyone else. Unfortunately, the lack of immediate patches or workarounds gives the hacker the upper hand. One of the most high-profile 0-day attacks was the recent Microsoft Exchange Server data breach.
- Accidental Disclosure and Human Error – This type of breach happens surprisingly often, but it’s essential to differentiate between unintentional human error and malicious foul play. Incidents include employees disclosing sensitive data and data being publicly shared to the cloud.
- Lost / Stolen Devices – Another common incident is confidential data being lost, misplaced, or stolen. It most frequently involves missing laptops and USB storage devices.
- Misconfiguration – Misconfiguration is frequently cited as a cause of a data breach. It is most commonly seen in the cloud, at businesses that are unfamiliar with cloud security concepts. Examples include unprotected application APIs, unsecured websites, and cloud storage buckets.
- Rogue Contractor / Inside Job – An insider threat may be a current or former employee, or perhaps a third party, who acts maliciously to steal sensitive business data. Their motives usually center on financial gain or the opportunity to cause significant disruption to the business.
How To Defend Against Data Breaches
Defending against data breaches involves stakeholder buy-in and a concerted effort from the entire business to improve security standards. Outsourcing IT infrastructure to colocation or cloud service providers is a great way to enhance the business’s security stance overnight.
An external provider takes on the burden and security concerns, handing them to an expert team who can evaluate your organization objectively and design a solution that is unique to your organization.
We have identified several other key ways to defend against a data breach. These include:
- Understand Threat Actors – Threat actors are cybercriminals, hackers, hacktivists, insiders, or state-sponsored actors. They target businesses and government institutions for personal gain and are typically financially motivated. State-sponsored threat actors target intellectual property and secrets or disrupt major enterprise businesses for political gain.
- Follow The Principle Of Least Privilege – This security concept grants users or service accounts the minimum permissions required to do their jobs. A policy of denying by default minimizes the risk of users, administrators, automation tools, and service accounts being over-privileged, such as a database account being granted write permissions when only read is needed.
- Implement Defense In Depth – It’s important to remember that security controls can fail. Create multiple layers of security to catch threats, covering the data center’s physical security (including administrative processes) and remote access controls such as VPN, IAM, and Zero Trust networking. Invest in network security such as a DMZ, firewall, or WAF, ensure server security by patching, and always encrypt your storage.
- Understand the Shared Responsibility Model – The general rule is that the cloud provider is responsible for the data center and the infrastructure that makes up the cloud platform, including the servers, storage, and networking layers. The customer is responsible for data integrity and, usually, for application, middleware, and operating system security. Make sure you check the fine details with your chosen provider.
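The least-privilege point above can be checked mechanically by comparing what each database account is granted with what it actually uses. The following is an added example, not code from Atlantic.Net; the account names, tables, and audit-log entries are constructed, hypothetical sample data.

```python
"""Least-privilege audit: compare what each account is granted with what it uses."""

ALL_ACTIONS = frozenset({"SELECT", "INSERT", "UPDATE", "DELETE"})

# Constructed sample data; every account, table and log entry is hypothetical.
GRANTS = {
    "reporting_svc": {("orders", "ALL"), ("customers", "SELECT")},
    "etl_job": {("orders", "SELECT"), ("orders", "INSERT")},
}
AUDIT_LOG = [  # (account, table, action) as seen in a query audit log
    ("reporting_svc", "orders", "SELECT"),
    ("reporting_svc", "customers", "SELECT"),
    ("etl_job", "orders", "SELECT"),
    ("etl_job", "orders", "INSERT"),
    ("etl_job", "customers", "DELETE"),  # requested, but never granted
]


def expand(grants):
    """Turn ('orders', 'ALL') into one (table, action) pair per concrete action."""
    out = set()
    for table, action in grants:
        actions = ALL_ACTIONS if action == "ALL" else {action}
        out |= {(table, a) for a in actions}
    return out


def is_allowed(grants, account, table, action):
    """Deny by default: unknown accounts and unlisted pairs are refused."""
    return (table, action) in expand(grants.get(account, set()))


def audit(grants, log):
    """Return (excess, denied): grants no log entry used, per account, and
    log entries that the deny-by-default check refuses."""
    used, denied = {}, []
    for account, table, action in log:
        if is_allowed(grants, account, table, action):
            used.setdefault(account, set()).add((table, action))
        else:
            denied.append((account, table, action))
    excess = {acct: expand(g) - used.get(acct, set()) for acct, g in grants.items()}
    return {a: e for a, e in excess.items() if e}, denied


if __name__ == "__main__":
    excess, denied = audit(GRANTS, AUDIT_LOG)
    for account, pairs in sorted(excess.items()):
        print(account, "unused grants:", sorted(pairs))
    print("denied:", denied)
```

Here the read-only reporting account holds write grants it never uses, which are the candidates for revocation, while the ETL job's unlisted request is refused outright.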
Cloud Security Atlantic.Net
Unfortunately, it does seem that data breaches in the cloud are getting worse; however, it’s important to remember that awareness is improving and that many businesses are taking appropriate action to secure their infrastructure to industry best practices. Cybersecurity is always on the agenda when we speak to our customers.
You will be pleased to know that Atlantic.Net cloud services feature some of the best security standards for any cloud provider. Our cloud infrastructure and business processes are aligned to create a security-defined service.
Atlantic.Net has been providing cutting-edge hosting services for over 29 years. We offer a full suite of managed services, including managed networking, managed security, Intrusion Protection Systems, Web Application Firewalls, and so on. In addition, our always-available professional support team will build the perfect solution for your business or organization.
Atlantic.Net is ready to help you attain fast compliance with various certifications, such as SOC 2 and SOC 3, HIPAA, and HITECH, with 24x7x365 support, monitoring, and world-class data center infrastructure. For faster application deployment, free IT architecture design, and assessment, visit us at www.atlantic.net or call 888-618-DATA (3282).
You can find out more information by contacting our sales team today!