2018 was a mixed year for cyber-security. Websites like Statistica suggest that we have seen a drastic fall in the number of data breaches (in the USA) from 1,579 in 2017 to 668 in 2018, with the number of records exposed dropping from 179 million to just over 22 million.
We have seen the implementation of stricter compliance mandates across the globe, most notably with the radical updates of the previously outdated data protection regulations in Europe in the form of the GDPR.
With all that being said, we are still subjected to what seems like daily headlines of huge data breaches affecting some of the world’s biggest companies. Globally, one source suggests, the first six months of 2018 alone saw 945 data breaches affecting 4.5 billion records.
This shouldn’t be happening in a day and age where the awareness of threats is heightened, and organizations appear to be taking proactive steps towards bolstering cybersecurity. So, what’s going wrong? In this blog we will go through three notable data breaches this year and see what could have been done to avoid them.
Back in September, Uber received a huge fine of $148 million for failing to notify their drivers that their personal data had been stolen in an attack that occurred a year previously. In what was essentially a classic ransomware attack, the personal information of 600,000 drivers was stolen and Uber actually went ahead and paid the $100,000 ransom in the hope that the breach wouldn’t be revealed.
There are a few lessons to take away from this breach. Firstly, paying the ransom in a ransomware attack will not guarantee that you get your data back or that the breach remains covered up. Secondly, the fact that Uber attempted to cover up the breach instead of reporting it immediately to the affected parties and required compliance bodies is a clear breach of data protection regulations.
Ransomware attacks can be prevented mainly through the education of end users. Users should be up to date on the latest threats, including knowing not to click on suspicious links in emails or open attachments from untrusted senders. Processes should also be put in place to spot and report breaches quickly to the required authorities.
If you’re in the UK, you may have noticed when O2 (the second biggest mobile network provider) had a complete network collapse due to an expired software certificate. Well over 25 million people in the UK were completely without access to mobile data, with significant numbers also completely losing text and call capabilities.
Simply forgetting to renew a software certificate may seem like an enormous blunder that can be easily avoided, but it highlights a growing issue in many organizations. As companies expand, and the cloud presents new storage opportunities, the growing complexity of IT infrastructure can lead to problems like this.
IT professionals need to get a handle on the layout of their IT infrastructures, ensure that systems are regularly patched, and everything is up to date. Simply being organized in this way will help to avoid many of the seemingly insignificant mistakes that can lead to major disruptions.
Just last month, US regulators revealed that the Marriott hotel chain suffered a breach that had been ongoing for four years, affecting almost 327 million records of personal data. Whilst it may appear, on the face of it, that Marriott responded quickly once they detected the breach, this doesn’t tell the whole story.
I won’t go into detail in this blog, as there is more information here, but essentially experts had suggested that a more thorough investigation of a past data breach in 2015 could have prevented this one from occurring altogether.
The main lesson to take away from this breach is the importance of running regular data risk assessments, both to give yourself an idea of whether your environment is secure and to spot potentially suspicious activity.
Data Security Solutions
If there is one thing I would recommend all organizations do, first thing in 2019, it is to look into deploying a data security solution that will help to detect and prevent insider threats, ransomware and other data-related security incidents. 2018 has taught us that data is the most valuable asset an organization holds and it must be protected as a priority. Adopting a data-centric approach will help you determine where your sensitive data is, who has access to it, what users are doing with it and whether it is secure. Knowing this is the first step to preventing data breaches in 2019.