Happy Cybersecurity Awareness Month!

As data continues to be the core layer of modern organizations, cybersecurity will continue to be crucial to protecting data from unauthorized access. Data breaches have become the new norm, reaching a high of 1,291 in 2021.[i] Compared with 1,108 in 2020, that is a clear increase in case numbers.

Most recently, the Colonial Pipeline cyber-attack may have been the most high-profile data breach since the Equifax data breach. The attack led to fuel shortages across the entire East Coast. After contentious negotiations, Colonial Pipeline paid $4.4 million in ransom to the hackers.[ii]

Hackers are constantly using novel tactics to steal data. The best way to reduce and manage the risk of a data breach is to train your company’s employees to identify cybersecurity red flags.

This article speaks to the top 5 cybersecurity threats that affect small businesses.

  1. PHISHING AND EMPLOYEE EMAIL(S)

In 2021, hackers carried out multiple phishing attacks. Phishing attacks are a common scheme used by hackers to gain access to organizations’ networks and exfiltrate personal data.

In practice, hackers pose as a co-worker or business associate to trick actual employees into disclosing personal data.

A successful phishing attack can result in hackers exfiltrating personal data such as usernames, passwords, or credit card numbers. Phishing is effective because people are likely to react without suspecting foul play when contacted by a co-worker or business associate. 

According to IBM, in 2019, hackers used phishing as the entry point for one-third of all cyber-attacks[iii]. Also, spam emails commonly appeared to come from large technology or social media companies. By mimicking email addresses and creating fake webpages, hackers can obtain legitimate credentials and use them to gain unauthorized access to accounts or emails.

Phishing attacks generally involve employees clicking on unsafe links in emails. Phishing attacks are relatively easy, inexpensive, and successful for threat actors. Phishing is the fourth most common cause of data breaches[iv]. Phishing risks can be reduced through continuous training of employees and the labeling of external emails. Financial institutions are the biggest target of phishing activities[v].
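The external-email labeling mentioned above can be sketched as a small mail filter. This is an added example, not code from the original article; the internal domain `example.com`, the `[EXTERNAL]` tag, the similarity threshold and the sample messages are all assumptions made for illustration.

```python
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

INTERNAL_DOMAINS = {"example.com"}  # assumption: the organization's own mail domain
EXTERNAL_TAG = "[EXTERNAL] "        # assumption: the label shown to employees

def sender_domain(msg):
    """Domain part of the From address, lower-cased."""
    _, addr = parseaddr(msg.get("From", ""))
    return addr.rpartition("@")[2].lower()

def is_lookalike(domain, threshold=0.85):
    """True when an external domain closely resembles an internal one."""
    return any(
        SequenceMatcher(None, domain, internal).ratio() >= threshold
        for internal in INTERNAL_DOMAINS
    )

def label_message(raw):
    """Tag external mail in the subject and return (message, warnings).

    The From header alone can be forged; this filter assumes the mail
    gateway has already rejected messages that fail sender authentication.
    """
    msg = message_from_string(raw)
    domain = sender_domain(msg)
    warnings = []
    if domain not in INTERNAL_DOMAINS:
        subject = msg.get("Subject", "")
        if not subject.startswith(EXTERNAL_TAG):
            del msg["Subject"]
            msg["Subject"] = EXTERNAL_TAG + subject
        warnings.append("external sender")
        if is_lookalike(domain):
            warnings.append("sender domain resembles internal domain")
    return msg, warnings

# Constructed sample messages (not real mail).
SAMPLE_INTERNAL = "From: Ana <ana@example.com>\nSubject: Lunch on Friday\n\nHi"
SAMPLE_VENDOR = "From: Billing <billing@vendor.test>\nSubject: Invoice 17\n\nHi"
SAMPLE_LOOKALIKE = (
    "From: IT Helpdesk <helpdesk@examp1e.com>\n"
    "Subject: Password reset required\n\nClick the link"
)

if __name__ == "__main__":
    for raw in (SAMPLE_INTERNAL, SAMPLE_VENDOR, SAMPLE_LOOKALIKE):
        labeled, notes = label_message(raw)
        print(labeled["Subject"], notes)
```

The lookalike check is what separates a routine vendor email from one that imitates a co-worker's address, which is the case employees are least likely to question.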

  2. MALWARE ATTACKS

Globally, organizations have experienced an increase in malware attacks. Malware is intrusive software that is designed to damage and destroy computers and computer systems.[vi] To mitigate malware risk, organizations should implement intrusion and breach notification software.

To defend against malware attacks, quick identification of the software is crucial. This requires continuous network scanning for malicious software. Once a threat is identified, immediate removal of the software must be performed. 

Organizations should keep virus and malware definitions up to date so that malware scan engines can detect new malicious software[vii]. Without the latest updates, anti-malware software won’t know what new threats exist and it won’t be able to protect organizational systems. Other methods of reducing malware risk include:

  1. not sharing root to all libraries on systems,
  2. reducing the public authority of the root directory,
  3. running native anti-virus software on all servers,
  4. keeping anti-virus software current,
  5. scheduling weekly full-system scans, and
  6. reviewing logs for scan results[viii].

  3. RANSOMWARE ATTACKS

Ransomware is one of the biggest threats facing organizations across industries and geographies.[ix] It is generally delivered through phishing attacks, as software that restricts users from accessing their data. By clicking a disguised link, the user downloads the malicious software. The hacker proceeds to encrypt data, demand a payment in exchange for a decryption key, and extort said company.

In response to the uptick in ransomware attacks, cyber insurers have been raising prices and lowering coverage. Sectors hit hard over the past year include education, government, healthcare, construction, and manufacturing. Cyber insurance policyholders have seen premiums increase by 300% or more at renewal time.[x]

  4. ENDPOINT SECURITY

Endpoint security protects users from malware and phishing attacks by using encryption techniques to monitor and block certain activities. Oftentimes, businesses remotely connect their computer networks to their clients’ devices, including laptops and cellphones. Connecting these devices to corporate networks creates paths that allow for security threats. Endpoint security protects devices from unauthorized access. It is crucial to cybersecurity because data is one of the most valuable assets.

  5. INTERNAL VULNERABILITIES AND THREATS

The Colonial Pipeline cyber-attack was the result of a single compromised password.[xi] Hackers entered Colonial Pipeline’s networks through a virtual private network (“VPN”) account. Although the account hadn’t been in use for some time, it was used to gain access to Colonial Pipeline’s broader network.

Unprotected data can lead to data exfiltration. To protect a data set, first determine what protection the data set has. From there you can protect data sets with either discrete or generic profiles.[xii] Security classification of user(s) and data allows organizations to impose additional access controls on sensitive resources. 

With more people storing personal data on their computers, it has never been more important to protect yourself from hackers looking to gain access to your personal data. Employees should never click on a link embedded in an email from external users or unverified third-party vendors.

Failure to keep systems current can be addressed through continuous patching of systems. A patch is a modification to a program to improve its security, performance, or other features.[xiii] Patching software can be part of an application’s lifecycle to address newly discovered security vulnerabilities and performance issues. Effective patching is crucial to reducing the risks of unauthorized access from known vulnerabilities. 

Organizations should also implement download restriction policies that prevent users from downloading any files deemed to be ‘unsafe.’ Such restrictions apply to downloads triggered from webpage content and download links.

Credential management systems (those that ‘remember’ your usernames and passwords) are an effective way to control access to sensitive data. Credential management systems are available both on an individual level and as an enterprise-wide system. To control user access, organizations must have the capability to approve and revoke credentials as customers and employees come and go in the regular course of business. Importantly, the increased scrutiny of data privacy regulations has increased the need for organizations to have the ability to validate the identity of customers and employees.

If a hacker gains control of credential management software, they can go undetected because of their ability to issue credentials.[xiv]
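The unused VPN account in the Colonial Pipeline case and the need to revoke credentials as people come and go both point to a periodic account review. The sketch below is an added example, not code from the original article; the account records, the staff roster, the 90-day threshold and the review date are all constructed for illustration.

```python
from datetime import date

MAX_IDLE_DAYS = 90  # assumption: use the threshold your own policy sets

# Constructed sample data (not from any real system).
ACCOUNTS = [
    {"user": "avega", "enabled": True, "last_login": "2021-10-01"},
    {"user": "rsingh", "enabled": True, "last_login": "2020-11-15"},
    {"user": "jdoe", "enabled": True, "last_login": "2021-09-28"},
    {"user": "lnovak", "enabled": True, "last_login": None},
    {"user": "mchan", "enabled": False, "last_login": "2019-03-02"},
]
# Hypothetical roster of current staff; jdoe has left the company.
ACTIVE_STAFF = {"avega", "rsingh", "lnovak"}

def audit_accounts(accounts, active_staff, today, max_idle_days=MAX_IDLE_DAYS):
    """Return (user, reason) pairs for enabled accounts to review for revocation."""
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue  # already revoked, nothing to do
        if acct["user"] not in active_staff:
            # The owner left but the credential still works.
            findings.append((acct["user"], "owner not on active roster"))
            continue
        last = acct["last_login"]
        if last is None:
            findings.append((acct["user"], "never used"))
            continue
        idle = (today - date.fromisoformat(last)).days
        if idle > max_idle_days:
            findings.append((acct["user"], f"idle {idle} days"))
    return findings

if __name__ == "__main__":
    for user, reason in audit_accounts(ACCOUNTS, ACTIVE_STAFF, date(2021, 10, 15)):
        print(f"{user}: {reason}")
```

Run against an export from the VPN or identity provider, the same check surfaces accounts that still authenticate even though nobody is expected to be using them.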

NEED HELP WITH A PROJECT?

Appolo Compliance offers data privacy risk assessments and specific compliance solutions and strategic data privacy programs that balance business and legal risks.

Specifically, we offer:

  • Privacy by design and privacy by default implementation
  • Data mapping, gap assessment, and system inventory
  • Data privacy policies and procedures
  • Data breach preparedness and incident response
  • Data privacy training and awareness
  • Data privacy impact assessments
  • Data privacy compliance program (GDPR, CCPA, HIPAA, Schrems II, etc.)
  • Data privacy contract clause creation
  • Third-party data sharing agreement
  • Cybersecurity infrastructure review
  • Data subject access requests
  • Data privacy program management (24/7 access to our managed data privacy services).

Data privacy and cyber-security risks are rapidly evolving, which adds to the complexity of running an effective and efficient data privacy compliance program. Instead of taking on this challenge on your own, we invite you to contact Appolo Compliance for help developing an effective data privacy compliance program.

ENDNOTES:


[i] https://notified.idtheftcenter.org/s/2021-q3-data-breach-analysis?mod=djemCybersecruityPro&tpl=cy

[ii] https://breakingdefense.com/2021/10/colonial-pipeline-hack-shows-peril-of-ignoring-military-cyber-vulnerabilities-kendall/

[iii] https://securityintelligence.com/posts/state-of-the-phish-ibm-x-force-reveals-current-phishing-attack-trends/

[iv] https://www.ibm.com/security/phishing

[v] https://www.ibm.com/security/phishing

[vi] https://www.cisco.com/c/en/us/products/security/advanced-malware-protection/what-is-malware.html

[vii] https://ttnl.nl/wp-content/uploads/2019/02/pt-when-malware-attacks-guide.pdf

[viii] https://ttnl.nl/wp-content/uploads/2019/02/pt-when-malware-attacks-guide.pdf

[ix] https://www.ibm.com/security/phishing

[x] https://www.infosecurity-magazine.com/news/most-insurers-mandate-mfa-premiums/?mod=djemCybersecruityPro&tpl=cy

[xi] https://www.bloomberg.com/news/articles/2021-06-04/hackers-breached-colonial-pipeline-using-compromised-password

[xii] https://www.ibm.com/docs/en/zos/2.4.0?topic=set-finding-out-how-data-is-protected

[xiii] https://www.hypr.com/patch/

[xiv] https://cpl.thalesgroup.com/faq/key-secrets-management/what-credentials-management-system

Published by apollocompliance

Jean-Marc is a law student interested in cybersecurity and data privacy law.
