Despite the many business threats facing companies in 2021, data breaches continue to be the top concern for business continuity. This isn’t surprising, given that nearly 165 million sensitive records were exposed in the U.S. in 2019, alone.
Furthermore, forecasts for 2021 are not good. A report by research firm Cyber Security Ventures predicted cybercrime would inflict damages totaling $6 trillion globally in 2021. If cybercrime were an economy, it would be the world’s third largest after the U.S. and China.
Even the technology giants that one would assume can protect themselves have shown their weaknesses. As bad as the 2019 Facebook data breach was (540 million users’ account names, FB IDs and more were exposed), Google may have far surpassed them in 2020.
During an outage that was suspected to be a data breach, the personal information of Google’s 1.5 billion Gmail users may have been compromised. (As of this writing, the Alphabet-owned tech conglomerate had not confirmed a Google data breach. However, both Google and Facebook’s breaches were discovered and confirmed by information security experts.)
So, what, exactly, is a data breach? Many computer users think it’s an overt activity by one or more malicious individuals, such as when a cybercriminal gains access to servers, databases, or operating systems to steal data from corporate servers or other IT resources. Technically, that’s a hack.
Per the U.S. government, a data breach, also known as a data leak, is “the loss, theft or other unauthorized access… to data containing sensitive personal information, in electronic or printed form, that results in the potential compromise of the confidentiality or integrity of the data.” Breaches can be intentional or inadvertent, and they don’t always result from a cyberattack.
However, given the value of sensitive information such as social security numbers and the sophistication of cybercriminals, many of whom work for nation-states with very advanced equipment, the odds that a breach won’t be exploited are very low.
Of course, the biggest data breaches get the headlines. One was the Equifax data breach, in which cyberattackers gained unauthorized access to the personal data of approximately 148 million U.S. consumers. This information included people’s names, Social Security numbers, birth dates, addresses, and in some instances their driver’s license numbers, credit card numbers and other personal details.
This breach was considered especially egregious not only due to its scope but also because Equifax was a credit reporting firm. The amount of sensitive data housed by Equifax was mind-boggling, and yet they failed to protect it.
Although the biggest breaches tend to grab the headlines, cybercriminals target small and midsized businesses (SMBs), as well. SMBs often lack the financial means or workforce capacity to develop and maintain an in-house cybersecurity team, and criminals know that. They are also less likely to have sophisticated monitoring tools that can detect a breach quickly. Consequently, a major security breach can be catastrophic.
This conundrum played out in the first half of 2020, as SMBs experienced nearly identical challenges to bigger firms, such as the need to expand networks, transition staff to remote working, and implement other technology changes driven by the pandemic. Sadly, their lack of capacity showed. Although SMBs experienced fewer security incidents than large enterprises in 2020, those incidents were far more likely to cause damage.
Per the recently released Verizon 2020 Data Breach Investigations Report, fewer than 1% of security incidents in large enterprises resulted in a data breach. Among SMBs, that figure soared to 54%. This stark reality underscores why SMB leaders must take the same precautions as larger firms. Not only should they adhere to cybersecurity best practices; they also must have a mechanism for recovering data if it should be stolen or damaged in a cyberattack.
Though it is impossible to pinpoint exactly how often cybercriminals attack systems, The Clark School of Engineering determined that the rate of attacks by hackers, globally, is one every 39 seconds. That works out to be nearly 2,200 per day.
This success rate is possible because cybercriminals don’t just surf the Internet looking for exposed companies. They employ specialized techniques to find vulnerable systems. Following are a few examples:
Exacerbating the problem is user error. Personnel may lose equipment, or hackers may trick users into clicking spoofed email links so they can gain access to corporate servers and networks. (Tip: users should be alert to clumsy writing and misspellings, e.g., “emails addresses” rather than “email addresses.”)
In some cases, cybercriminals gain access to company data from an indirect source. One example is the 2013 Target data breach. The initial intrusion into its systems was traced to network credentials stolen from a third-party HVAC contractor.
Once a cybercriminal finds an exposed system, he or she usually will steal the data and then attempt to profit from it, especially if it includes financial information. Some use the information to make fake credit cards or engage in identity theft. Others hold it for ransom.
These activities come with high odds of discovery, so much of the data may be sold in bulk on the dark web a hidden network of websites accessible only by means of special software.
Because data is so lucrative, we recommend a multi-pronged approach to reduce the odds of a breach.
For a no-obligation discussion, or to learn more about our cybersecurity offerings, call (866) PICKITS.
We’ve got answers — fast, clear, and tailored to your needs. Let’s talk tech.
