Data breaches have become so common that they are now relegated to the back page of newspapers and warrant barely a mention on the nightly news (and it seems almost nightly a new breach is reported, albeit barely). Upon reflection, several questions jump out: how, why, to whom and by whom? The even bigger questions are what the real cost of these breaches is and how companies can protect themselves.
Who is getting their data breached?
No one is exempt from the threat, regardless of size or business type. The list of breached companies reads like a veritable Who’s Who of American businesses: Google, eBay, Home Depot, JP Morgan Chase, Sony, GE, Heartland Payment Systems, Adobe and Target, along with many universities and government agencies. Healthcare providers are consistently the business type most often breached, despite extensive IT efforts and expense and laws governing patient privacy. Community Health just had over 4.5M patient records exposed, and no one is sure yet just how far-reaching the exposure is from the recent breach of Healthcare.gov.
How do data breaches occur?
Ponemon’s review of 2013 breaches revealed that over 70% of breaches came from just five (5) causes.
- Stolen credentials: Passwords obtained from stolen or lost phones/computers, the careless disposal of old devices, malware or data stolen in another data breach are the leading cause of network intrusion.
- Data stealing malware: Used in the breaches at Home Depot and Target recently, this is software that steals data, whether it is passwords, credit cards, keystrokes or any of a number of other types of private data.
- Phishing: The act of pretending to be a trusted entity for the sole purpose of eliciting usernames, passwords, birth dates, Social Security numbers, etc. from an unsuspecting target.
- RAM Scraping: This is the act of capturing data being temporarily stored in RAM, as happened in the infamous Target breach. There is a millisecond of time between a debit card swipe and bank approval of the transaction. It is during this holding period that the data is unencrypted, and is thus vulnerable to capture.
- Backdoor Malware: Malware delivered as a Trojan that attacks unpatched security vulnerabilities.
In summary, most breaches originate through self-inflicted carelessness, followed by maliciousness.
Be sure to come back Friday and next Tuesday when we discuss why breaches occur, what they cost and how companies can protect themselves…