IT Solutions

Are Data Breaches Your Top Business Concern? They Should Be

February 12, 2021

Despite the many business threats facing companies in 2021, data breaches continue to be the top concern for business continuity. This isn’t surprising, given that nearly 165 million sensitive records were exposed in the U.S. in 2019 alone.

Furthermore, forecasts for 2021 are not good. A report by research firm Cybersecurity Ventures predicted cybercrime would inflict damages totaling $6 trillion globally in 2021. If cybercrime were an economy, it would be the world’s third-largest after the U.S. and China.

Even the technology giants that one would assume can protect themselves have shown their weaknesses. As bad as the 2019 Facebook data breach was (540 million users’ account names, FB IDs and more were exposed), Google may have far surpassed them in 2020.

During an outage that was suspected to be a data breach, the personal information of Google’s 1.5 billion Gmail users may have been compromised. (As of this writing, the Alphabet-owned tech conglomerate had not confirmed a Google data breach. However, both Google and Facebook’s breaches were discovered and confirmed by information security experts.)

Digging into Data Breaches

So, what, exactly, is a data breach? Many computer users think it’s an overt activity by one or more malicious individuals, such as when a cybercriminal gains access to servers, databases, or operating systems to steal data from corporate servers or other IT resources. Technically, that’s a hack.

Per the U.S. government, a data breach, also known as a data leak, is “the loss, theft or other unauthorized access… to data containing sensitive personal information, in electronic or printed form, that results in the potential compromise of the confidentiality or integrity of the data.” Breaches can be intentional or inadvertent, and they don’t always result from a cyberattack.

However, given the value of sensitive information such as social security numbers and the sophistication of cybercriminals, many of whom work for nation-states with very advanced equipment, the odds that a breach won’t be exploited are very low.

Of course, the biggest data breaches get the headlines. One was the Equifax data breach, in which cyberattackers gained unauthorized access to the personal data of approximately 148 million U.S. consumers. This information included people’s names, Social Security numbers, birth dates, addresses, and in some instances their driver’s license numbers, credit card numbers and other personal details.

This breach was considered especially egregious not only due to its scope but also because Equifax was a credit reporting firm. The amount of sensitive data housed by Equifax was mind-boggling, and yet they failed to protect it.

It Isn’t Just the Big Guys

Although the biggest breaches tend to grab the headlines, cybercriminals target small and midsized businesses (SMBs) as well. SMBs often lack the financial means or workforce capacity to develop and maintain an in-house cybersecurity team, and criminals know that. SMBs are also less likely to have sophisticated monitoring tools that can detect a breach quickly. Consequently, a major security breach can be catastrophic.

This conundrum played out in the first half of 2020, as SMBs experienced nearly identical challenges to bigger firms, such as the need to expand networks, transition staff to remote working, and implement other technology changes driven by the pandemic. Sadly, their lack of capacity showed. Although SMBs experienced fewer security incidents than large enterprises in 2020, those incidents were far more likely to cause damage.

Per the recently released Verizon 2020 Data Breach Investigations Report, fewer than 1% of security incidents in large enterprises resulted in a data breach. Among SMBs, that figure soared to 54%. This stark reality underscores why SMB leaders must take the same precautions as larger firms. Not only should they adhere to cybersecurity best practices; they also must have a mechanism for recovering data if it should be stolen or damaged in a cyberattack.

How Bad Outcomes Happen

Though it is impossible to pinpoint exactly how often cybercriminals attack systems, The Clark School of Engineering determined that the rate of attacks by hackers, globally, is one every 39 seconds. That works out to be nearly 2,200 per day.

This attack rate is possible because cybercriminals don’t just surf the Internet looking for exposed companies. They employ specialized techniques to find vulnerable systems. Following are a few examples:

  • Denial of Service Attacks: Flooding a network or server with traffic in order to make it unavailable to its users.
  • Web App Compromise: Scanning Internet-facing systems for vulnerable, web-based applications to gain access to them and steal the data they store.
  • Crimeware: Malicious software installed on a company’s systems to enable hackers to access their data.

Exacerbating the problem is user error. Personnel may lose equipment, or hackers may trick users into clicking spoofed email links so they can gain access to corporate servers and networks. (Tip: users should be alert to clumsy writing and misspellings, e.g., “emails addresses” rather than “email addresses.”)

In some cases, cybercriminals gain access to company data from an indirect source. One example is the 2013 Target data breach. The initial intrusion into its systems was traced to network credentials stolen from a third-party HVAC contractor.

Once a cybercriminal finds an exposed system, he or she usually will steal the data and then attempt to profit from it, especially if it includes financial information. Some use the information to make fake credit cards or engage in identity theft. Others hold it for ransom.

These activities come with high odds of discovery, so much of the data may be sold in bulk on the dark web, a hidden network of websites accessible only by means of special software.

Most Importantly, What Can You Do?

Because data is so lucrative, we recommend a multi-pronged approach to reduce the odds of a breach.

  • Implement technology, such as a password manager, to store and autofill passwords securely.
  • Minimize chances of a successful breach with a multifaceted defense strategy. At IT Solutions, we worked with some of the world’s most seasoned, knowledgeable experts to develop our Security as a Service offering specifically to help SMBs address the ever-changing threat landscape. From the edge (wired and wireless user devices) to the corporate core (the databases and servers hackers seek most aggressively), ITS Security as a Service rigorously monitors every aspect of network activity, striking down threats as they emerge and ensuring data and corporate systems remain unharmed.
  • Have a rigorous backup and recovery program to ensure nothing slips through the cracks. In December 2020, we wrote a detailed article about such a program. We invite you to read it here. We also recommend redundant data storage, like the IT Solutions DataVault™, which protects and preserves company data with daily backups five different ways.
  • Finally, rapid detection of breaches is crucial. Employee education is paramount, as workers may notice problems management doesn’t. Signs to look for include:
      • Unusually slow Internet or connected devices
      • Users reporting they are locked out of accounts
      • Pop-ups and redirected websites appearing when browsing
      • Suspicious activity on the network after-hours
      • Anomalies in normal network traffic patterns, both inbound and outbound
      • Unexplained system reboots or shutdowns
      • Failed login attempts with a password verified to be correct

For a no-obligation discussion, or to learn more about our cybersecurity offerings, call (866) PICKITS.
